E-mail with deniable authentication

Stefan Claas stefan.claas at posteo.de
Wed Aug 30 12:39:23 CEST 2017


Am 30.08.2017 um 11:43 schrieb Peter Lebbing:

> With a little scripting, you could create a new ECC keypair (fast!) 
> for each
> message, sign the keypair with your normal key, sign the message with the ECC
> keypair. And when you want to backpedal on a signed message, publish the private
> ECC key and say "look, anybody who downloaded my private key off the web could
> have signed that message".
>
But then it would be imho advisable that you use a different timestamp 
(time in the future), because
when verifying the published message the timestamp would be earlier than 
the time the sec key would
have appeared on the net, right?

Regards
Stefan




More information about the Gnupg-users mailing list