Signature certification
Nicholas Bohm
nbohm at ernest.net
Wed, 28 Mar 2001 17:28:25 +0100
At 15:34 28/03/2001 +0100, David Howe wrote:
>>Nicholas Bohm wrote:
>>> Has anyone come across a service offered by a certification authority
>>> consisting of receiving digitally signed data and certifying the
>signature
>>> on it? If so I would be grateful for a pointer to the CA in question.
>>Why would you want to do that? If the CA has certified the public key,
>>they can add no value to a signature that is verified by it.
>Could they have meant a timestamp/signing service? there are online services
>that add a timestamp to an entire document (sig and all) then sign the whole
>thing with their key; the idea is to prove the document WAS signed at or
>before that time, rather than to verify the sig. The idea is that your own
>timestamp might be dubious (if there were benefit to you having signed the
>document after the fact, or your computer's clock was simply wrong) but
>theirs can be trusted.
I think it's clear from context that they don't mean timestamping and do
mean signature certification.
Regards
Nicholas
Salkyns, Great Canfield,
Takeley, Bishop’s Stortford CM22 6SX, UK
Phone 01279 871272 (+44 1279 871272)
Fax 01279 870215 (+44 1279 870215)
Mobile 07715 419728 (+44 7715 419728)
PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint:
9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint:
5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF