Proof for a creation date
ndk.clanbo at gmail.com
Wed Dec 7 06:50:40 CET 2016
Il 07/12/2016 00:27, Andrew Gallagher ha scritto:
> I don't see any reason why it couldn't be done in principle - anyone who wants could set up an "authority" that produces a regular, signed list of all the certificates it currently trusts at each point in time. The trick is a) making sure that revocations get submitted to the authority in a timely fashion and b) working out whether to trust the authority in the first place. But that's a problem in OCSP too.
The "stapling" part is the hardest, since with OCSP usually you need to
verify that something is valid "now", while with a GPG signature you
should be able to attest that something will be valid "forever".
The only way to obtain that (I can think of, and assuming no online
verification: online services come & go...) is having at least three
different kind of keys (RSA, EC, PQ) sign at least three different hash
function results *each*, so that even if an algorithm or two gets
cracked the signature remains valid.
> In general, anything you can do in the X509 trust model you can do in PGP - but with a little more effort and a lot fewer default assumptions.
That's good: this way most "implicit assumptions" must be explicited and
their security impatc must be evaluated.
More information about the Gnupg-users