timestamp notation @gnupg.org
jerome at jeromebaum.com
Thu Jun 16 19:21:35 CEST 2011
> Do you want to promote the uniform usage of notations (perhaps later taken
> over into IETF namespace) via this mailinglist and an officially maintained
> list of notations in the gnupg.org namespace or not?
> If you want to avoid notations in gnupg.org then the discussion is finished
As the last post I will contribute to this thread (unless we get a
positive response from Werner), here's a summary of where we are:
1. timestamp-only at gnupg.org. If this notation exists on the signature,
that indicates it is a timestamp signature.
1 a. Should we set this notation critical, non-critical, or user's
choice? We also had the suggestion of doing two signatures, one w/
critical and one w/out. The idea was that the user will be inclined to
look more closely.
1 b. On what signature types may this notation be defined? 0x00
definitely, what else?
2. Suggestion: timestamp-resolution at gnupg.org. Value is number of
seconds of error in both directions.
2 a. Thinking about it, this should be two notations:
timestamp-error at gnupg.org, and timestamp-resolution at gnupg.org (the
difference being: error = clock drift, while resolution = fixed
intervals, e.g. for datestamps resolution would be 86400 and timestamp
would be at 00:00).
2 b. Another alternative is timestamp-interval at gnupg.org = <ISO 8601 time
interval> which describes the interval during which the timestamp was
made, accounting for precision and error, and leaving no room for
interpretation of the interval, but making it the signer's duty to
compute this interval.
2 c. Again, where may this be defined? At least all of # 1 b.
3. Other stuff?
Just so that Werner has a summary of what we've discussed, to base a
email jerome at jeromebaum.com
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
More information about the Gnupg-users