Problem with faked-system-time option
expires2011 at ymail.com
Sun Jun 26 16:37:02 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
On Sunday 26 June 2011 at 1:16:04 PM, in
<mid:20110626121604.D99C814DBD4 at smtp.hushmail.com>, Hugo Seifert
> "In that case you have nothing to fear from your
> timestamp"??? Then why use encryption at all,
We were actually talking about signature timestamps; if the
message/data is encrypted but not signed, does it even have a
> we're always honest, don't plan evil things and have
> nothing to hide, nothing to fear? And there arises
> the question who is privileged to determine what's
> evil and what isn't?
And also the question about being seeking privacy and/or anonymity to
try and hide from another party who is "evil."
> Protection only to those who comply with your rules
> sounds like censorship.
Very much so.
> I read most of this lengthy thread and wondered why
> for some it is so hard to accept that there are
> negative implications of exact timestamps, which is
> why I venture one further example.
> Have you ever heard of OmniMix
> (http://www.danner-net.de/om.htm)? That's a tool
> aiming at freedom of speech by making it very easy to
> address onion remailers with your mail and news client
> software. I use it when posting anonymously to the
> Usenet, which means with almost all of my newsgroup
I have bookmarked that URL and will read another time.
Is it easier than using anonymous remailers, etc.? They always looked
like a good idea but quite some hassle, so I never got around to
> No less than 4 years ago in gnupg-devel, message
> <84uor29d9cc2r9ilnvt5bc16non5elup05 at domain.is.invalid>,
> its author complained about security risks for not
> having a chance to alter key and signature timestamps
> and argued the case for a GnuPG 1.4 -- creation-date
> He wrote
> : Is there a chance to get an additional GPG option
> that allows to set : the creation date of keys and
> signatures? : :
> If that's no valid reason to add such an option, what
> else would be? In
> <87lkjkp7pz.fsf at wheatstone.g10code.de> Werner kindly
> promised to act, but four years have passed and nothing
- --faked-system-time doesn't work, at least in GnuPG 1.4.11 under
Windows XP. You can create keys in batch mode and specify the creation
and self-signature timestamps but can only create one subkey; as far
as I can tell, there is no option to specify the creation time of
subsequent signatures or additional subkeys.
> Or is the agenda behind GnuPG to provide
> privacy but forget about or even prevent anonymity
> ignoring the fact that we're living in a world where
> escaping ubiquitous surveillance becomes harder and
I can't comment about anybody's "agenda" but in previous discussions,
suggestions for hashed UIDs have certainly had a rough ride (for
example, see the lengthy thread on this list starting on 28 February
2011 with Message-ID:
<AANLkTimSnQbCstUrV9DiAafg0JkELZiVJRFE1VNtwqtk at mail.gmail.com>).
MFPA mailto:expires2011 at ymail.com
Ultimate consistency lies in being consistently inconsistent
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users