On 06/06/17 15:14, Andrew Gallagher wrote:
> To protect against this, one would use a timestamping service to sign
> the secret key publication, thereby proving the publication was earlier
> than the forgery.
I think you're going backwards about this. This is how I understand it:

Until the key is expired, you want people to recognize your signatures as valid and issued by you. Hence, you don't publicly disclose your secret key. You only do this once your key is expired. Henceforth, you want to plausibly deny you issued those signatures which you in fact *did* issue.

As long as there is no timestamping service, you could claim the signature to be a recent forgery with a forged time of signature. However, if somebody has used a timestamping service to prove the signature was in fact really issued before the key expired, you'll have to claim that you had already disclosed the secret key back then. Even though you didn't. So you can't prove it with a timestamping service because it is not actually the case.

And then there is the issue that the timestamp in general proves the data *existed* at the time of issuance. But this doesn't prove the data was disclosed publicly. Obviously the secret key existed, nobody is questioning that. To prove it was disclosed, you'll need to go through some more steps.

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>