[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Notary signatures
David Shaw <dshaw@xxxxxxxxxxxxxxx> writes:
> This is interesting, as I had been thinking of a service that did not
> verify the contents of the original document before notarizing the
> signature. This service would purely be to validate the timestamp
> (and other data) in the original signature, so no need to send the
> original document which may be sensitive.
Well, there are certainly multiple services available. You are
correct that validating the signature is not a requirement.
Jon Callas <jon@xxxxxxxxxx> writes:
> I like the idea of a notary signature that only signs a signature packet.
> This would mean your signer doesn't even need to see the document that's
> being notarized, which has a certain panache to it.
*smiles*
> How about if I do this:
>
> * Write up a description of a notary signature.
>
> * Change the "revocation target" subpacket to be a "signature target"
> subpacket so it can work double duty
>
> How's that sound?
Sounds good to me.
-derek
--
Derek Atkins
Computer and Internet Security Consultant
derek@xxxxxxxxx www.ihtfp.com