Problem with faked-system-time option

[Hugo Seifert]

Jerome Baum <jerome at jeromebaum.com> wrote in message
<BANLkTikQo=Qc9CTtNB3e7rFsNu=SqKyXow at mail.gmail.com>:

> >>> if you cheat your employer out of their money,
> >
> >
> > The scenario stated that a fluctuating work volume resulted in 
periods
> > when there was no work to do. Using that time for your own 
purposes
> > does not look to me like cheating your employer.
> 
> In that case you have nothing to fear from your timestamp.
> 
> I personally hold the opinion that you should have a good work
> relationship with your employer (including your manager), and
> therefore when there is really no work to do, using it for 
learning
> new stuff, or yes even for reading /. or TDWTF, shouldn't lead to 
a
> court case. But, of course, you should discuss with your manager 
when
> there is no work to do, and get their permission first. If you go
> ahead and make this decision on your own, then yes you are 
cheating
> your employer -- he might have had work for you to do if only you 
had
> told him there's nothing left.

  "In that case you have nothing to fear from your timestamp"???  
Then why use encryption at all, when we're always honest, don't 
plan evil things and have nothing to hide, nothing to fear?  And 
there arises the question who is privileged to determine what's 
evil and what isn't?

  Protection only to those who comply with your rules sounds like 
censorship.  Do you think GnuPG should only support people who 
adhere to your social conventions and not OBL hiding in his "cave"? 
 If I understand you correctly, in that case being able to locate 
the ill-affected originator of a message with the assistance of his 
signatures' timestamps is acceptable.  But how about a U.S. agent 
acting undercover in enemy territory or someone participating in a 
Usenet discussion on the HIV disease he suffers from?  With such a 
differentiation you're treading on thin ice, aren't you?

  I read most of this lengthy thread and wondered why for some it 
is so hard to accept that there are negative implications of exact 
timestamps, which is why I venture one further example.

  Have you ever heard of OmniMix (http://www.danner-net.de/om.htm)? 
 That's a tool aiming at freedom of speech by making it very easy 
to address onion remailers with your mail and news client software. 
 I use it when posting anonymously to the Usenet, which means with 
almost all of my newsgroup contributions.

  No less than 4 years ago in gnupg-devel, message 
<84uor29d9cc2r9ilnvt5bc16non5elup05 at domain.is.invalid>, its author 
complained about security risks for not having a chance to alter 
key and signature timestamps and argued the case for a GnuPG 1.4 --
creation-date option.

  He wrote

: Is there a chance to get an additional GPG option that allows to 
set
: the creation date of keys and signatures?
: 
: I'm developing a Windows proxy server that works as a gateway to 
anon
: remailers and nym servers. For such an application it's mandatory 
to
: disguise all timestamps within messages, as e.g. getting 
knowledge of
: the exact shipping time would make it a lot easier for an 
adversary to
: compromise the author. Currently I see no alternative to a 
temporary
: manipulation of the system time when such sensitive action takes
: place. But that strategy entails a lot of potential side effects,
: especially in a server environment.

  If that's no valid reason to add such an option, what else would 
be?  In <87lkjkp7pz.fsf at wheatstone.g10code.de> Werner kindly 
promised to act, but four years have passed and nothing happened.  
Or is the agenda behind GnuPG to provide privacy but forget about 
or even prevent anonymity ignoring the fact that we're living in a 
world where escaping ubiquitous surveillance becomes harder and 
harder.

  Just my 2 cents.

Hugo S.