Certification-only key

Andrew Gallagher andrewg at andrewg.com
Tue Jun 6 15:14:49 CEST 2017


On 2017/06/02 18:25, Peter Lebbing wrote:
> I did later realize that if somebody used a timestamping service to
> timestamp a document you signed, you would have to argue that you
> already published your secret key before that time.

To protect against this, one would use a timestamping service to sign
the secret key publication, thereby proving the publication was earlier
than the forgery.

A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170606/17d5f7ab/attachment.sig>


More information about the Gnupg-users mailing list