David Shaw <dshaw(_at_)jabberwocky(_dot_)com> writes:
This is interesting, as I had been thinking of a service that did not
verify the contents of the original document before notarizing the
signature. This service would purely be to validate the timestamp
(and other data) in the original signature, so no need to send the
original document which may be sensitive.
Well, there are certainly multiple services available. You are
correct that validating the signature is not a requirement.
Jon Callas <jon(_at_)callas(_dot_)org> writes:
I like the idea of a notary signature that only signs a signature packet.
This would mean your signer doesn't even need to see the document that's
being notarized, which has a certain panache to it.
How about if I do this:
* Write up a description of a notary signature.
* Change the "revocation target" subpacket to be a "signature target"
subpacket so it can work double duty
How's that sound?
Sounds good to me.
Computer and Internet Security Consultant