Hello Juegen. Am Freitag, den 02.11.2018, 18:27 +0100 schrieb Juergen BRUCKNER: > Hello Dirk, > Am 02.11.18 um 15:20 schrieb Dirk Gottschalk via Gnupg-users: > > You mean, you "tampered" with the file and the signature is still > > valid? Are you sure? Then Adome does sometging really bad, IMHO. > > > > Such a signature should ensure that the file is unmodified > > completely. > > otherwise somebody can modify it in a way that could be used as a > > backdoor to the signature, at least in theory. > That is correct, that a signature is valid if there is added a > timestamp > AFTER sign the document. Very simplified it uses the same method for > timestamping as for signing, and it is a kind of 2nd signature on the > same document. the document is NOT altered or manipulated.
Okay, you're right. When I sign AND timestamp a Document with LibreOffice, then I'am asked 2 times for my Card-Pin. Seems like the document is signed first an then the Timestamp. I never gave attention to this, but your explaination seems to clear up with this phenomenom. Regards. Dirk -- Dirk Gottschalk Paulusstrasse 6-8 52064 Aachen, Germany GPG: DDCB AF8E 0132 AA54 20AB B864 4081 0B18 1ED8 E838 Keybase.io: https://keybase.io/dgottschalk GitHub: https://github.com/Dirk1980ac
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
