"gpg: Signature made <date time>" tamper resistant?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Mar 4 04:59:52 CET 2013

On 03/03/2013 09:30 PM, Craig Ringer wrote:

> I've been wondering for a while if anyone's running
> a GPG remote timestamping and attestation service, where you can submit
> text (or the hash of a binary) to the service by web or email and have
> it sign it with a key only it had access to. The timestamp signature
> could then be verified by anyone, without relying on the service being
> up or even the continued existence of the service, in order to prove
> that at a certain time a certain text existed.

Take a look at http://www.itconsult.co.uk/stamper.htm

I have no experience with them, but they've been discussed before in
this list, if you want to review the archives.

You might also be interested in the relevant wikipedia article:




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130303/2dd4d897/attachment.pgp>

More information about the Gnupg-users mailing list