"gpg: Signature made <date time>" tamper resistant?

Craig Ringer craig at 2ndquadrant.com
Mon Mar 4 05:17:38 CET 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/04/2013 11:59 AM, Daniel Kahn Gillmor wrote:
> On 03/03/2013 09:30 PM, Craig Ringer wrote:
>
>> I've been wondering for a while if anyone's running
>> a GPG remote timestamping and attestation service, where you can submit
>> text (or the hash of a binary) to the service by web or email and have
>> it sign it with a key only it had access to. The timestamp signature
>> could then be verified by anyone, without relying on the service being
>> up or even the continued existence of the service, in order to prove
>> that at a certain time a certain text existed.
>
> Take a look at http://www.itconsult.co.uk/stamper.htm
>
> I have no experience with them, but they've been discussed before in
> this list, if you want to review the archives.
>
> You might also be interested in the relevant wikipedia article:
>
> https://en.wikipedia.org/wiki/Trusted_timestamping
>

Thankyou. I didn't know the exact term I was looking for, so I hadn't
found that. Much appreciated.

- -- 
 Craig Ringer                   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJRNCBiAAoJELBXNkqjr+S2wSkH/jHzZwjY6LWAOIq4cs+T/a+L
G1CTPbJt5BQ3qSrHmlJrvtb2dKc4bjjoyq8fG+AKUGLHFXPPllZH0dkrKJu3UgLW
C62CYq3tApAvm0M2cIFoWsOwx6sHTmcVflGbwe+u+cmkKpwDdVHk/s0JcEbB71G8
fyijzUQ+qV+lNdBkYl7y+3MjPDwnucplT9zyFoeANyxgGOvNWPlvSLwtCIjLzQAD
Z5HPmFPe0Eo046dycDPtXIvu3YqOYMCgkgqnYlK9b4eYAJwp017Y2kt3bPNZucLq
YPfwckz1Py9lkkyPSlLl3zLBCI2wd69aZccFKhXT1kXmN3KdF2vFJ43u4MdQu2E=
=P36G
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list