------------------------------------------------------------------------ This is the help file for the Time Stamp Server at timestamp@lorax.mv.com. (192.80.84.247) ------------------------------------------------------------------------ This text was taken from the public-key-server@martingy.ai.mit.edu and modified with lorax specific information. Time Stamp server software written by Cal Page <root@lorax.mv.com> For questions or comments regarding this time stamp server site, contact root@lorax.mv.com. Current version: $Revision:$ $Date:$ NOTE! This service is provided to facilitate public-key cryptography for demonstration and educational purposes. It is the responsibility of users of public-key cryptography to ensure that their activities conform to legal requirements. ------------------------------------------------------------------------------ Question: What is a Time Stamp Server? A time stamp server just echoes back what you send it, except that the date and time are added to the message. Further, pgp is used to 'sign' the message before it is sent back. Question: How do I use the Time Stamp Server? Just send mail to 'timestamp@lorax.mv.com' and you will get back a time stamped message. Question: Who signs the returned message? It is signed by "Time S. Tamp <timestamp@lorax.mv.com>". Mr. Tamp has also registered his public key with the public key server at public-key-server@martingy.ai.mit.edu. Question: What commands does the server accept? If you put 'help' in the subject, you get back this signed message along with whatever else you sent. Question: Is Mr. Tamp's private key available? No. Question: Does this author believe that the PGP/IDEA/RSA method of timestamping has been broken by someone? Yes. The server is experimental, and as the introduction says, it's for research, demonstraton, and educational purposes. Question: What privacy is there for any message I send Mr. Tamp? None! If you want something sensative stamped, just encrypt it before you send it here. I reserve the right to republish none, any, or all of it, to anyone, for any purpose, at any time, anything that is sent. Further, I can do anything with the mailing list, short of selling it to someone. Don't send any government stuff either. I don't want any classified information showing up on this system, as I want nothing to do with it. Question: How do I verify a message received from Mr. Tamp? Just extract the message to a file, and do: "pgp message" Make sure you have loaded an update into your public key ring first, that contains Mr. Tamp's public key, ie: the key for: "Time S. Tamp <timestamp@lorax.mv.com>". Question: How can I be sure no one spoofed an entry from Mr. Tamp? You can't. I would be open to suggestions here. Question: I send a 'help' message, but I don't get a reply? Right now, the server wants a valid Reply-To: or From: field in the message header that contains either a '<' '>' pair or a '@' character. If your fields don't have either, it will just dump the message. Further, this is a Linux node, running 0.99.14, and it sometimes can't reply to some addresses, for various reasons. Sorry. Question: Why don't you run PGP 2.4 from Viacrypt? I tried, but they did not have a Linux version. They wanted me to convert their code under NDA, AND pay them $300, something I was unwilling to do. Anyway, I don't charge for any of this. Question: What is the 'Sequence Number:' after the signature? This is the incrementing sequence number of your mail message. Question: What is the 'emd5 =' string? This is an encrypted md5 signature of the signed message. The 'Sequence Number' is used to index into a one-time-pad that is xor'ed with the md5 for the message. Quesiton: Is the one-time-pad data available? No. -- Cal Page | Pri: root@lorax.MV.COM compuPage, Inc. | Other: cpage@mv.mv.com Brookline, NH. 03033 | 76535.1373@Compuserve.COM finger -l cpage@mv.MV.COM = C4 80 8E 06 1F 4E 69 2F 2C 2C 65 72 72 EA 5D AC ----- END INCLUDED FILE ----- -- Michael Brandt Handler <grendel@netaxs.com> Philadelphia, PA PGP v2.6 public key on request