[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Signature types
On Sat, Aug 27, 2005 at 09:50:18AM +0200, Daniel A. Nagy wrote:
>
> I am wondering if I understand the following correctly:
>
> 0x40 Timestamp signature.
>
> It is calculated directly on any document like a 0x00 signature (BTW, it
> would probably makes sense to introduce a 0x41 timestamp for textual
> documents), but the issuer of the signature does not claim authorship or
> endorse the document, just states the fact that the document existed at the
> time when the signature was issued.
Signature over a signature, just like 0x50. It's not exactly made
clear in section 5.2.1, but note that it gets a signature target
subpacket. That only makes sense if it is a signature over a
signature. Note that 0x40 actually existed in rfc-1991 as well (also
a signature over a signature).
> This one I do not understand at all:
>
> 0x50 Third-Party Confirmation signature.
>
> What is the signature calculated on? The document? The certified signature?
> Both?
The signature. I thought this one was pretty clear (from 5.2.1):
This signature is a signature over some other OpenPGP
signature packet(s). It is analogous to a notary seal on the
signed data.
David