On Tue, 14 Jun 2011 22:26:57 -0400, Robert J. Hansen wrote: >On 6/14/11 7:46 PM, Jerome Baum wrote: >> Err, I have to apologize if I misunderstand, not being a native >> speaker, but based on http://en.wikipedia.org/wiki/Handwaving I >> understand that you're saying something like this? >> >> "You're ignore the fact that X" > >More like "the original poster is ignoring..." I am emphatically in >agreement with your general point, which is that social problems demand >social answers.
This discussion is more and more moving away from my initial problem of not revealing the exact time when signing a piece of data in case I just want to acknowledge its origin (or receipt) but no further information, which is far from trying to invoke any temporal implications with intent to defraud. Here's a mundane real world example, a scenario where an exact signature timestamp means a tremendous danger, in your words a social problem arising from a technical deficit, which in my opinion has to be addressed (to forestall suspicion I must start by mentioning that I'm running my own small business with a few employees like Bob or Alice ;-)): Bob always carries a USB drive containing his mailing system with him, during leisure time as well as at work. Now, with a periodically changing volume of work there's idleness from time to time at his job. In those slack periods he has the chance to deal with his correspondence. And being a diligent person he's used to signing and encrypting his mail. But now he's toast. One of the messages he wrote at work was accidentally forwarded to his boss, who saw the signature, which was made on company time. It was up to him to provide evidence that that timestamp was wrong, which he couldn't. He lost his job, his existence. How could that threatening risk have been avoided (disregarding kicking one's heels instead of always aiming at being productive)? Bob wasn't granted access to the computer's system time, which furthermore got synchronized with an NTP server in regular intervals. And now about Alice. Being in a simular situation she uses her own netbook, for privacy reasons adjusts clock time back and forth with every signature she creates, and, to indicate that the timestamp of the signature is artificial, chooses the key's exact creation timestamp for all her signatures as well, as by setting it to '0' or any other time before key creation she would risk the rejection of those potentially invalid signatures, and by using a later time she might be accused of fraud. Key revocation is of no relevance, as in this respect the time of message reception by the addressee is an adequate substitute for the lack of a valid signature timestamp. Alice only wishes to get around the annoying system time manipulations she has to repeat again and again. Do you think Alice's approach is or may become an acceptable strategy, not breaking existing conventions, and getting the chance to become supported by kind of a '--no-signature-timestamp' GnuPG option? Regards Amano _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
