>>> Out of curiosity, as long as we're talking about things that current code
>>> will reject, does the 0x50 signature meet the semantics desired here? This
>>> all sounds vaguely notary-like ("I saw this document on such-and-such
>>> date") to me, and the intent of 0x50 is a notary signature. The nice thing
>>> about a 0x50 signature is that it is a signature on a signature, so the
>>> timestamp service doesn't need to see the document - just the (detached)
>>> signature.
>>
>> My understanding of a notary's job would include "I trust this key to
>> be valid, in possession only of the person named in the uid, while
>> that person was in sufficient mental state, not being threatened at
>> gun-point, ..."
>
> The 0x50 signature should not be interpreted as the output of a real-world
> notary

Who says that?

> OpenPGP calls this signature a "Third-Party Confirmation signature". It is
> merely a signature on a signature for whatever purpose is desired by the
> signer.

So, is it interpretation-dependent?

>> -- why should we use a signature type that could be
>> misinterpreted, when there is a "timestamp" signature type that fits
>> our needs exactly?
>
> Because as already noted, the 0x40 signature is not fully specified in the
> standard. There is not enough information to know how to generate one.

Looking at <http://tools.ietf.org/html/rfc4880>:

1. Referring to 0x50: "It is analogous to a notary seal on the signed
   data." -- see my problem with that above.

2. If the issue is "text vs. binary", § 5.2.1 ("Signature Types") seems
   to suggest all signatures besides 0x01 are binary.

3. If the issue is "what do we sign (data vs. another signature)?", I
   would say it depends what you're trying to do: Are you asserting that
   you saw the signature, or are you asserting that you saw the data?

--
Jerome Baum
tel +49-1578-8434336
email jer...@jeromebaum.com
web www.jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA