ietf-openpgp

Re: Whither the 0x40 timestamp signature?

2004-04-22 01:23:26

* David Shaw wrote:
If the intent is that 0x40 is in fact a signature over a signature
(and nothing else), then a simple fix is to change section 5.2.1,
which currently says:

    0x40: Timestamp signature.
        This signature is only meaningful for the timestamp contained
      in it.

Change to read:

    0x40: Timestamp signature.
        This signature is a signature over some other OpenPGP
      signature packet(s).  It is only meaningful for the timestamp
      contained in it.

I'm not advocating that outcome.  I'm equally content to see it
defined, marked for future use, or dropped.

I do have an application for this type of signature without providing the
full meaning of notary (0x50) signatures.

There is a full-blown environment which requires timestamping at the user's end
without involving a real notary timestamping service. The German signature
law contains a protocol error in proofing signatures of withdrawn keys. The
only sound solution requires an additional timestamp of every signature. The
law assumes that the sender is responsible for providing the timestamp.

A simple (non notary) timestamp to be included consists of two values:
  - name of the timestamping service
  - value of the timestamp

Those values can be included in three ways:
  a) Defining (one or two) notation data packets to optionally include such
     a timestamp in every signature packet.
  b) Defining a 0x40 signature as hashing the referred signature, and both
     fields.
  c) Defining a 0x40 signature as hashing the referred signature and including
     the notation data packets from version a.

Variant a seems the most interesting one. Variant c extends this variant to
the possibility of timestamping a signature later (by another person).

So I'd vote for defining a signature subpacket or two notation data
subpackets for providing (non notary) timestamping purposes, and defining
the 0x40 signature type as a hash over the whole signature subpacket
(followed by the normal signature process). It's recommended to include the
timestamp subpackets into every 0x40 signature.

Should I provide a detailed description, or should we remove the whole part?
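
Variant a from the message above, as an added example that is not part of the original post or of any specification text: the two timestamp values carried as notation data subpackets (type 20, RFC 4880 section 5.2.3.16), with a parser that rejects inconsistent lengths. The notation names under example.org are hypothetical; the post does not define any.

```python
import struct

NOTATION_DATA = 20           # signature subpacket type (RFC 4880, 5.2.3.16)
HUMAN_READABLE = 0x80000000  # notation flag: value is UTF-8 text
# Hypothetical user-namespace notation names; the post defines none.
TS_SERVICE = "timestamp-service@example.org"
TS_VALUE = "timestamp-value@example.org"

def subpacket_length(n):
    """Encode a subpacket length (type octet + body) per RFC 4880, 5.2.3.1."""
    if n < 192:
        return bytes([n])
    if n < 16320:
        return bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return b"\xff" + struct.pack(">I", n)

def notation(name, value):
    """Build one human-readable notation data subpacket."""
    n, v = name.encode(), value.encode()
    body = struct.pack(">IHH", HUMAN_READABLE, len(n), len(v)) + n + v
    return subpacket_length(1 + len(body)) + bytes([NOTATION_DATA]) + body

def timestamp_subpackets(service, value):
    """Variant a: service name and timestamp value as two notations."""
    return notation(TS_SERVICE, service) + notation(TS_VALUE, value)

def parse_notations(area):
    """Walk a subpacket area and return {name: value} for notation data."""
    out, i = {}, 0
    while i < len(area):
        first = area[i]
        if first < 192:
            length, i = first, i + 1
        elif first < 255 and i + 1 < len(area):
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        elif first == 255 and i + 5 <= len(area):
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        else:
            raise ValueError("truncated subpacket length")
        if length == 0 or i + length > len(area):
            raise ValueError("malformed subpacket")
        # Strip the critical bit from the type; body excludes the type octet.
        sp_type, body, i = area[i] & 0x7F, area[i + 1:i + length], i + length
        if sp_type != NOTATION_DATA:
            continue
        # A body shorter than the 8-octet header fails the length check below.
        nlen, vlen = struct.unpack(">HH", body[4:8]) if len(body) >= 8 else (0, 0)
        if len(body) != 8 + nlen + vlen:
            raise ValueError("notation lengths disagree with subpacket length")
        out[body[8:8 + nlen].decode()] = body[8 + nlen:].decode()
    return out
```

A verifier applying this variant would run `parse_notations` over the hashed subpacket area only, since unhashed subpackets are not covered by the signature.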