>> Yes, and it is trivial to write a fake date next to my >> signature. That doesn't mean there are no legal >> implications. In fact, just as I can commit fraud >> (under the right circumstances) by writing that fake >> date on a piece of paper, I can commit fraud by using a >> fake time-stamp in an OpenPGP signature. > > Commit fraud, or make a trivial error...
Right. I can also be mistaken when dating my signature. As I said, it depends on the circumstances. Even if I purposely lie about the date, if there's no damage it's not fraud. So I agree with your point about not relying on the signature date, which necessarily includes the date of a digital signature. That doesn't mean you should entirely ignore it either -- sounds a bit "black and white", doesn't it? The date is an indicator, nothing more, but also nothing less. >> Let's summarize: The signature time has potential legal >> implications. > > Fair enough. But, as you illustrate above, it is trivial for a > signature date/time to be incorrect. Therefore it is potentially > unsafe to rely on them as being correct. No-one said you should rely on that. Just as you shouldn't rely solely on the date next to a signature. Anyone can lie. -- Jerome Baum tel +49-1578-8434336 email jer...@jeromebaum.com web www.jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
