Problem with faked-system-time option

MFPA expires2011 at
Sun Jun 26 16:37:02 CEST 2011

Hash: SHA512


On Sunday 26 June 2011 at 1:16:04 PM, in
<mid:20110626121604.D99C814DBD4 at>, Hugo Seifert

>   "In that case you have nothing to fear from your
> timestamp"???   Then why use encryption at all,

We were actually talking about signature timestamps; if the
message/data is encrypted but not signed, does it even have a

> when
> we're always honest, don't  plan evil things and have
> nothing to hide, nothing to fear?  And  there arises
> the question who is privileged to determine what's
> evil and what isn't?

And also the question about being seeking privacy and/or anonymity to
try and hide from another party who is "evil."

>   Protection only to those who comply with your rules
> sounds like  censorship.

Very much so.

>   I read most of this lengthy thread and wondered why
> for some it  is so hard to accept that there are
> negative implications of exact  timestamps, which is
> why I venture one further example.

>   Have you ever heard of OmniMix
> (   That's a tool
> aiming at freedom of speech by making it very easy  to
> address onion remailers with your mail and news client
> software.   I use it when posting anonymously to the
> Usenet, which means with  almost all of my newsgroup
> contributions.

I have bookmarked that URL and will read another time.
Is it easier than using anonymous remailers, etc.? They always looked
like a good idea but quite some hassle, so I never got around to
trying them.

>   No less than 4 years ago in gnupg-devel, message
> <84uor29d9cc2r9ilnvt5bc16non5elup05 at>,
> its author  complained about security risks for not
> having a chance to alter  key and signature timestamps
> and argued the case for a GnuPG 1.4 -- creation-date
> option.

>   He wrote

> : Is there a chance to get an additional GPG option
> that allows to  set : the creation date of keys and
> signatures? :  :
>   If that's no valid reason to add such an option, what
> else would  be?  In
> <87lkjkp7pz.fsf at> Werner kindly
> promised to act, but four years have passed and nothing
> happened.

- --faked-system-time doesn't work, at least in GnuPG 1.4.11 under
Windows XP. You can create keys in batch mode and specify the creation
and self-signature timestamps but can only create one subkey; as far
as I can tell, there is no option to specify the creation time of
subsequent signatures or additional subkeys.

> Or is the agenda behind GnuPG to provide
> privacy but forget about  or even prevent anonymity
> ignoring the fact that we're living in a  world where
> escaping ubiquitous surveillance becomes harder and
> harder.

I can't comment about anybody's "agenda" but in previous discussions,
suggestions for hashed UIDs have certainly had a rough ride (for
example, see the lengthy thread on this list starting on 28 February
2011 with Message-ID:
<AANLkTimSnQbCstUrV9DiAafg0JkELZiVJRFE1VNtwqtk at>).

- --
Best regards

MFPA                    mailto:expires2011 at

Ultimate consistency lies in being consistently inconsistent


More information about the Gnupg-users mailing list