[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] GNotary
From: |
Karsten Hilbert |
Subject: |
Re: [Gnumed-devel] GNotary |
Date: |
Sun, 28 Aug 2005 15:56:36 +0200 |
User-agent: |
Mutt/1.5.9i |
On Sun, Aug 28, 2005 at 08:39:38AM +0800, Syan Tan wrote:
> X-Mailer: AtMail 4.03
>
> How does gnotary prevent the timestamps in signatures from being altered at a
> later time
It doesn't. But doing so renders the signature invalid.
> , or a stored signature of an original document be replaced with a different
> signature of a different document at some other time , and that altered
> signature
> also being passed on to colluding client ?
What help is that to potential cheaters ? You keep a signed
hash of the document. If you hash the original it needs to
produce the same value as the signed hash shows.
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346