On Thu, 25 Apr 2002, David Shaw wrote:
RFC-1991 defined sigclass 0x40 as a timestamp, and went on to further
explain its intended use ("Type <40> is intended to be a signature of
a signature, as a notary seal on a signed document.")
When RFC-2440 came out, this extra explanation seems to have been
lost, as 2440 defines 0x40 only as a timestamp. A sigclass for a
signature on a signature would be very useful. Any chance to restore
this clarification in the next draft?
Yes, please. I plan to use this in a project in the not-so-distant future.
I know there are a few timestamping services for OpenPGP in operation
already -- are any of them using this now?
--Len.