Best practice for periodic key change?

MFPA expires2011 at ymail.com
Sat May 7 22:12:00 CEST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Saturday 7 May 2011 at 4:03:19 PM, in
<mid:BANLkTi=eRgk72ZXRB46DwkC_diM0ETgptQ at mail.gmail.com>, Jerome Baum
wrote:


> Next time can you read the whole email and reply to it
> as a whole?

It's generally better to read the whole email and then reply to
whichever points I have anything to say about. That way, it is fairly
easy to follow the discussion.



> The post-dated cheque doesn't say "I signed this in the
> future", but "only accept this from that point in the
> future". That's a big difference. As for the clerk,
> he's an idiot and probably liable for accepting it.

The (future) date on the cheque is simply the date from which the
signed instruction to pay takes effect.



> It's not my problem if people don't check the signature
> timestamp, I can only do my part on making the date
> accurate -- plus maybe educating my recipient on
> checking the timestamp.

Whether or not people check the signature timestamp, it still means
nothing more than "when I signed this, my signature clock was at this
date/time."



> You assumption on what
> a court would decide is the kind of assumption you said
> I can't make -- which, as Hauke points out, I didn't.

I made no such assumption, merely stated an opinion.



> As for months vs. years, I wanted a clear example.
> Doesn't really make a difference -- 1304780513 is
> different from 1304780514, and also different from
> 1404780513. What's your point?

It was months vs hours. My point was that a few hours one way or the
other, which was open to challenge in the light of the evidence about
an incorrectly set system clock at the time the document was emailed
back, was far less significant than a discrepancy of several months.

Of course, the absence of any evidence that the system clock was
correctly set when the signature was created makes the discussion a
purely academic exercise.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

If you can't convince them, confuse them.
-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNxaeWnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5p0JoEAIsV
/vnmisrR/w52U8YqEJu78z1iTXyUqiKWELh9C39h0MQsD4uwiaqQ8BITVNXW7NjO
e2i4iLYGZcN1rAGlRjrIZLX1TMXczqS40aQl4Pa/9btjCLkYxjPSOciVfXoIFTFs
6tdcPzP6tOyK31qKcPcoI/uwTuPyl4aboPu7AB7N
=AN5H
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list