Best practice for periodic key change?
expires2011 at ymail.com
Sat May 7 22:12:00 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
On Saturday 7 May 2011 at 4:03:19 PM, in
<mid:BANLkTi=eRgk72ZXRB46DwkC_diM0ETgptQ at mail.gmail.com>, Jerome Baum
> Next time can you read the whole email and reply to it
> as a whole?
It's generally better to read the whole email and then reply to
whichever points I have anything to say about. That way, it is fairly
easy to follow the discussion.
> The post-dated cheque doesn't say "I signed this in the
> future", but "only accept this from that point in the
> future". That's a big difference. As for the clerk,
> he's an idiot and probably liable for accepting it.
The (future) date on the cheque is simply the date from which the
signed instruction to pay takes effect.
> It's not my problem if people don't check the signature
> timestamp, I can only do my part on making the date
> accurate -- plus maybe educating my recipient on
> checking the timestamp.
Whether or not people check the signature timestamp, it still means
nothing more than "when I signed this, my signature clock was at this
> You assumption on what
> a court would decide is the kind of assumption you said
> I can't make -- which, as Hauke points out, I didn't.
I made no such assumption, merely stated an opinion.
> As for months vs. years, I wanted a clear example.
> Doesn't really make a difference -- 1304780513 is
> different from 1304780514, and also different from
> 1404780513. What's your point?
It was months vs hours. My point was that a few hours one way or the
other, which was open to challenge in the light of the evidence about
an incorrectly set system clock at the time the document was emailed
back, was far less significant than a discrepancy of several months.
Of course, the absence of any evidence that the system clock was
correctly set when the signature was created makes the discussion a
purely academic exercise.
MFPA mailto:expires2011 at ymail.com
If you can't convince them, confuse them.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users