Problem with faked-system-time option

Thu Jun 16 18:55:33 CEST 2011

(In the context below, "we" refers to the people to whom the
respective statement applies.)

> I got into this discussion because there was talk of new subpackets or sigclasses and a misunderstanding of how notations worked.

What talk of new subpackets and signature classes? Feel free to quote.

As for the misunderstanding of how notations work, what's their
purpose then? Aren't they incorporated into the standard to make it
easier to extend/add features? Is it a "bad thing" to have a
computer-readable notation?

(Of course, I'm assuming that "how notations worked" refers to "what
they are meant for", and not to the technical aspects [notations being
key-value pairs etc]. The latter would be non-sense, as we've not
shown a misunderstanding for how notations technically work.)

> On the first part, my feeling is that if someone needs a notation and wants it to be as widely useful and well designed as possible, they should treat it a a new subpacket would be treated on ietf-openpgp: propose, discuss, revise, etc, and consider it in the context of the whole standard.

Haven't we proposed a specification, asked for input (discuss),
revised it (I've posted at least one update)? Just because you've
withheld your input until now, doesn't meant we haven't discussed
this, and that we aren't still discussing this.

>  Very frequently, a subpacket could be more generally useful than a single original purpose, and it's worth looking at things from that perspective.  For example, one of the proposed notations is a timestamp accuracy notation - could that be also useful for regular non-timestamp signatures?

Probably not. Everyone seems to agree that timestamps in a normal
signature are somewhat meaningless and only serve as an indicator. If
you want a reliable timestamp, why not make a timestamp signature?

In fact, even if there was a way to indicate timestamp accuracy for a
standard 0x00 (e.g. appropriately specifying the notation), I have
strong feelings against that. If I do a timestamp signature, I'm aware
that I should worry about my system time being correct. If I do a
plain 0x00 signature, I may well forget, and if my defaults say "this
timestamp is accurate, add the appropriate field/notation", suddenly
I'll be in trouble for falsification, fraud, or something of the kind.
I'm thinking of an average user here, who doesn't have 100% reliable
memory and may forget stuff. I'll simply ignore any argument that
assumes the average user doesn't forget stuff.

Looking at it though, this still doesn't speak against a notation. I
have yet to hear a solid reason for not using a notation (besides "I
like 0x50. It severely limits what you can do with it, but I feel
reuse must be done at all costs. Use 0x50" -- note that I'm not even
bringing up the confusion argument anymore, as that's highly
subjective -- but the inability to sign data is an objective fact).

>  New subpackets or notations can also be dangerous or at least confusing: what does a timestamp-only key signature mean?

timestamp-only at gnupg.org would apply only to data signatures. But see below.

>  Unless it's marked critical, the web of trust code in both GPG and PGP will treat those signatures as fully qualified ones and not just timestamp-only, yet if it is marked critical, it's not very useful without code changes.

We never suggested timestamp-only certifications. How would those make
sense anyway? Are you saying that this key was valixistant at some
point in time? (Sure, there can be a reason, and I'd love to hear it.
The point is, you didn't bring this up before and now you're
complaining we haven't discussed it?)

>  All of that is solvable, of course, but it should be addressed.

Which is why I've repeatedly asked for input on the proposed specification.

> In terms of the second part, GPG itself, I don't yet see a need for any code change, which will have to be written and then maintained in the code (semi-)indefinitely.  Perhaps I'm cynical, but I don't really see a lot of people clamoring for this or blocked for the lack of it, especially given that if people desire to tag their signatures as timestamp-only, they can do that now via --notation-data, and look for its presence via show-notations, which is the default anyway.

That's one of the reasons we're preferring the notation. It "just
works". In fact, unlike 0x40/0x50, we can choose how an older
implementation reacts to a notation-marked timestamp-only signature
(by setting critical or not).

-- 
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
web www.jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA