Slightly OT - i need the proper wording for a signed document
Stefan Claas
stefan.claas at posteo.de
Fri Nov 2 10:53:06 CET 2018
On Thu, 1 Nov 2018 23:50:48 +0100, Stefan Claas wrote:
Hi veedal,
> > A simple, but slightly tedious workaround, would be to GnuPG Armor
> > Sign the .pdf
> >
> > The elDAS signature will still work, but the Armored Signed message
> > is much harder to alter, and such alteration is detectable as
> > malicious rather than a 'mistake.
>
> Thank you very much for this valuable information, much appreciated!
>
> It is now a bit late, but i will try this out tomorrow.
O.k. i played a bit with it, but as you said "slightly tedious
workaround"... I will use another method, which does not allow an attack
imho.
I did this in the past with detached signatures, when i posted files,
and it should be used more widely, imho!
Simply one can use a time stamping service, based on blockchain
technology. I can then time stamp the .pdf. and put also a
statement in the .pdf that the file is timestamped and don't must
worry in the future if one MITM would try (and why?) to alter my
documents.
https://opentimestamps.org
Regards
Stefan
--
https://www.behance.net/futagoza
https://keybase.io/stefan_claas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: Digitale Signatur von OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181102/7e1f073f/attachment-0001.sig>
More information about the Gnupg-users
mailing list