On 30/08/17 12:39, Stefan Claas wrote: > But then it would be imho advisable that you use a different timestamp (time > in the future), because when verifying the published message the timestamp > would be earlier than the time the sec key would have appeared on the net, > right?
Either the timestamp can be faked and the repudiated document can have any timestamp without any proof whatsoever. Both you and the supposed faker could fake the timestamp. Or there is a trusted timestamping service which can dependably assert the minimum age of the document, and you have an extra hurdle to take. You faking the timestamp has the problem that the signature is odd or doesn't verify even during the period of time when you wish to have it validly signed. If you never intended to convey it was true in some sense, you wouldn't sign it at all. The purpose of a repudiable signature is to first assert validity and only later deny it, as I understand. It is not something I know a lot about, though. If there is a timestamping service, you need to make it credible that you had already published the key by then. It seems credible enough by default. You could do this from time to time (create ECC keypair, sign it with your key, immediately publish the keypair), so it wouldn't seem out of character. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
