Re: Timestamping signed documents or detached signature files
Hi Stefan, > Maybe you find this little info useful too, because i have not seen > this topic discussed here yet. I'm aware that there is or was an > old Timestamping Service in England available, but i thought > that the blockchain is cool. Yep, this is definitely cool. I don't know if you've seen it but there is also a helper script for timestamping git commits: https://github.com/opentimestamps/opentimestamps-client/blob/master/doc/git-integration.md And one minor note, that it's actually possible to (ab)use X.509 timestamping servers for OpenPGP because they just timestamp any hash that you give them (see e.g. [0]). You could embed the TimeStampResp [1] in a signature notation (assuming you would timestamp file hash, not the signature itself, of course). Another interesting tidbit, RFC 4880 contains a Timestamp signature flag (0x40 [2]) and a way to nest signatures, that could be used to provide timestamping or notary services [3]. Kind regards, Wiktor [0]: https://tsa.safecreative.org/ [1]: https://tools.ietf.org/html/rfc3161#section-2.4.2 [2]: https://tools.ietf.org/html/rfc4880#section-5.2.1 [3]: https://gnupg.org/ftp/people/neal/an-advanced-introduction-to-gnupg/an-advanced-introduction-to-gnupg.pdf section 4.5.1 -- https://metacode.biz/@wiktor ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Timestamping signed documents or detached signature files
On Sun, 22 Jul 2018 20:39:52 +0200, Wiktor Kwapisiewicz wrote: Hi Wiktor, thanks for your reply, much appreciated! > Yep, this is definitely cool. > > I don't know if you've seen it but there is also a helper script for > timestamping git commits: > > https://github.com/opentimestamps/opentimestamps-client/blob/master/doc/git-integration.md No, i haven't seen it, but just went through it. The author made some interesting points, even if i don't use git. > And one minor note, that it's actually possible to (ab)use X.509 > timestamping servers for OpenPGP because they just timestamp any hash > that you give them (see e.g. [0]). You could embed the TimeStampResp > [1] in a signature notation (assuming you would timestamp file hash, > not the signature itself, of course). > > Another interesting tidbit, RFC 4880 contains a Timestamp signature > flag (0x40 [2]) and a way to nest signatures, that could be used to > provide timestamping or notary services [3]. Thank you very much for the additional infos and links, i will read them all. Best regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Timestamping signed documents or detached signature files
Thank you very much for the additional infos and links, i will read them all. Oh, I forgot to mention that timestamping using blockchains is actually very easy, for example I timestamped my key's fingerprint: https://keyserver.ubuntu.com/pks/lookup?fingerprint=on=0x653909A2F0E37C106F5FAF546C8857E0D8E8F074=vindex (look for timestamp+bitcoin-transact...@metacode.biz afcb092c5ca6409526d18ae9cf22d3b55d37e723eb1b74e3f84f7e6b052a162a) And you can check out the transaction here: https://blockexplorer.com/api/tx/afcb092c5ca6409526d18ae9cf22d3b55d37e723eb1b74e3f84f7e6b052a162a (look for "OP_RETURN 653909a2f0e37c106f5faf546c8857e0d8e8f074" that is my key's fingerprint). If you convert "time": 1507539820 seconds from there to date you'll get something like 2017-10-09T09:03:40.000Z. OpenTimestamps (I think) uses Merkle trees to minimize fees but the downside is that the hash is not directly embedded in the blockchain and you need the extra files to reconstruct the tree root. Have a nice day! Kind regards, Wiktor -- https://metacode.biz/@wiktor ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
TLS 1.3 with ssh-like authentication
>From what I understand TLS 1.3 only supports X.509 and PSK, and won't let me authenticate against public key fingerprints. I really want the performance of single-route-trip handshakes, as this is important for my use case (distcc), which makes alot of new connections (as it is mostly stateless between invocations, except for some rate limiting). Thank You, Shawn Landden ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
random seeds file hung on AIX 7.2
Hi Team, Could you pls some one help me while running the encrypt process the process is getting hung and random seed file is not updating AIX version: 7.2 GPG version: gpg (GnuPG) 1.4.7 Regards, Chandra Sekhar Velpula SME - Unix Email: chandra.velp...@in.ibm.com Unix DL: Cemex_unix_india ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Timestamping signed documents or detached signature files
On Sun, 22 Jul 2018 21:57:13 +0200, Wiktor Kwapisiewicz wrote: > > Thank you very much for the additional infos and links, i will read > > them all. > > Oh, I forgot to mention that timestamping using blockchains is > actually very easy, for example I timestamped my key's fingerprint: > > https://keyserver.ubuntu.com/pks/lookup?fingerprint=on=0x653909A2F0E37C106F5FAF546C8857E0D8E8F074=vindex > > (look for timestamp+bitcoin-transact...@metacode.biz > afcb092c5ca6409526d18ae9cf22d3b55d37e723eb1b74e3f84f7e6b052a162a) > > And you can check out the transaction here: > https://blockexplorer.com/api/tx/afcb092c5ca6409526d18ae9cf22d3b55d37e723eb1b74e3f84f7e6b052a162a > > (look for "OP_RETURN 653909a2f0e37c106f5faf546c8857e0d8e8f074" that > is my key's fingerprint). > > If you convert "time": 1507539820 seconds from there to date you'll > get something like 2017-10-09T09:03:40.000Z. Thanks! I also checked the transaction via blockchain.com. https://www.blockchain.com/btc/tx/afcb092c5ca6409526d18ae9cf22d3b55d37e723eb1b74e3f84f7e6b052a162a > OpenTimestamps (I think) uses Merkle trees to minimize fees but the > downside is that the hash is not directly embedded in the blockchain > and you need the extra files to reconstruct the tree root. Yes, and the service is free. In the past i played also with OP_RETURN, via WWW based services and my Electrum Wallet. > Have a nice day! Thanks, have a nice day too! Here it is already very late and i go to bed now. Best regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
