Lutz Donnerhacke <lutz(_at_)iks-jena(_dot_)de> writes:
I do have an application for this type of signature without providing the
full meaning of notary (0x50) signatures.
There is a full blown enviroment which requires timestamping at users end
without involving a real notary timestamping service. The German signature
law contains a protocol error in proofing signatures of withdrawn keys. The
only sound solution requires an additional timestamp of every signature. The
law assumes that the sender is responsible for providing the timestamp.
SigG/SigV conformance of OpenPGP applications is not going to happen
(and is not even desirable IMHO).
RFC 2440bis should simply state that there are a few flags for which
future RFCs may specify semantics. Consensus on this list seems to be
that RFC 2440bis should remain a format spec, and signature semantics
would clearly be beyond its scope.
--
Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains: atlas.cz, bigpond.com, postino.it, tiscali.co.uk,
tiscali.cz, tiscali.it, voila.fr.