Problem with faked-system-time option

David Shaw dshaw at JABBERWOCKY.COM
Thu Jun 16 15:58:47 CEST 2011


On Jun 16, 2011, at 3:14 AM, Werner Koch wrote:

> On Wed, 15 Jun 2011 21:50, dkg at fifthhorseman.net said:
> 
>> According to whois, that's Werner and g10 code GmbH.  Werner, can you
>> comment on any policy for use of @gnupg.org notations?  Would it help if
> 
> If it is a reasonable thing I see no problem to register it and set up an
> email alias or autoresponder.  This thread is way too long to follow; in
> particular because I am not really interested in a general purpose
> timestamping service; such services used to exist in the past with
> non-clear semantics.  If you need timestamping for a project, you can
> simply do it for that particular project without any problems.
> 
> Will you be so kind and re-explain for what this notation is to be used?
> 
> David, is that okay for you?

I got into this discussion because there was talk of new subpackets or sigclasses and a misunderstanding of how notations worked.  I don't have a particular desire or need for a timestamp signature, but I do have a particular desire for OpenPGP and GPG to grow cleanly.

I see two parts to this: one, the definition of a new notation to indicate timestamp-only and what that means and how it is used, and two, the incorporation of new code in GPG to use the new notation.

On the first part, my feeling is that if someone needs a notation and wants it to be as widely useful and well designed as possible, they should treat it as a new subpacket would be treated on ietf-openpgp: propose, discuss, revise, etc, and consider it in the context of the whole standard.  Very frequently, a subpacket could be more generally useful than a single original purpose, and it's worth looking at things from that perspective.  For example, one of the proposed notations is a timestamp accuracy notation - could that be also useful for regular non-timestamp signatures?  New subpackets or notations can also be dangerous or at least confusing: what does a timestamp-only key signature mean?  Unless it's marked critical, the web of trust code in both GPG and PGP will treat those signatures as fully qualified ones and not just timestamp-only, yet if it is marked critical, it's not very useful without code changes.  All of that is solvable, of course, but it should be addressed.

In this particular case, people seem to want a notation under the gnupg.org domain, arguing that it will be more likely to be adopted as the gnupg.org domain lends some cachet.  I don't agree with that, but don't care enough to argue it.

In terms of the second part, GPG itself, I don't yet see a need for any code change, which will have to be written and then maintained in the code (semi-)indefinitely.  Perhaps I'm cynical, but I don't really see a lot of people clamoring for this or blocked for the lack of it, especially given that if people desire to tag their signatures as timestamp-only, they can do that now via --notation-data, and look for its presence via show-notations, which is the default anyway.

David
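
The criticality trade-off described in the message above, as an added example that is not part of the original post and is not GnuPG code: a minimal parser for an OpenPGP signature subpacket area (RFC 4880 layout) showing that a verifier ignores a non-critical notation it does not know, while a critical one makes it reject the signature. The notation name `timestamp-only@example.org` and all function names are placeholders assumed for illustration.

```python
import struct

NOTATION_DATA = 20  # subpacket type, RFC 4880 section 5.2.3.16

def make_notation(name, value, critical=False):
    """Build one human-readable Notation Data subpacket (sample builder)."""
    n, v = name.encode(), value.encode()
    body = b"\x80\x00\x00\x00" + struct.pack(">HH", len(n), len(v)) + n + v
    ptype = NOTATION_DATA | (0x80 if critical else 0)  # bit 7 = critical
    assert len(body) + 1 < 192, "builder only emits one-octet lengths"
    return bytes([len(body) + 1, ptype]) + body

def parse_subpackets(area):
    """Yield (type, critical, body) for each subpacket in the area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                # five-octet length
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        if length < 1 or i + length > len(area):
            raise ValueError("truncated subpacket")
        yield area[i] & 0x7F, bool(area[i] & 0x80), area[i + 1:i + length]
        i += length

def notations(area):
    """Return [(name, value, critical)] for every notation subpacket."""
    out = []
    for ptype, critical, body in parse_subpackets(area):
        if ptype != NOTATION_DATA or len(body) < 8:
            continue
        nlen, vlen = struct.unpack(">HH", body[4:8])  # after 4 flag octets
        name = body[8:8 + nlen].decode()
        value = body[8 + nlen:8 + nlen + vlen].decode(errors="replace")
        out.append((name, value, critical))
    return out

def acceptable(area, understood):
    """False if any critical notation is not in the set the verifier knows."""
    return all(n in understood for n, _, crit in notations(area) if crit)

# Constructed sample data; the notation name is a placeholder.
NAME = "timestamp-only@example.org"
plain = make_notation(NAME, "1")
crit = make_notation(NAME, "1", critical=True)
```
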



