therning.org/ magnus

AssureDate

Since I’ve seen absolutely no interest in this at all during the more than 6 months I’ve had this up here I’ve decided to take it down. The key has been revoked.

The key has been revoked and this page will be removed soon.

I had this idea the other day. Today I decided to try it out…

What’s AssureDate?

If you send an email to AssureDate@therning.org with the following information:

Cryptographic hash of a file
The type of the cryptographic hash you used (MD5, SHA1, etc.)

Then I will send you an email with a plain-text file, the AssureDate file, attached containing the information you sent plus the date you sent it cryptographically signed.

What can you use it for?

Well, basically use it for whatever you want. My thoughts on its usage is that it might offer some help if you need to show that a creation of yours was created by a certain date.

The technology behind AssureDate

At the moment I perform all of the steps involved manually. If the volume of requestes ever reaches the point where I can’t cope with it then I’ll start automating the process. For now it simply isn’t worth my time.

After creating the AssureDate file I use GnuPG to sign it. The key ID is 0xCEA32E5D and the fingerprint is:

F1FC 1596 051B A189 CA79  7A48 3709 1F58 CEA3 2E5D

I need your help!

Sign the AssureDate key!

AssureDate is only as trustworthy as its key. The one thing I can’t do myself is create trust in the key I can only make sure trust in the key isn’t decreasing. Needless to say I’m taking every precaution the key never is compromised. What I need help with is creating trust in the key and that means signing the AssureDate key.

Contact me on magnus@therning.org if you are interested in signing the AssureDate key.

Example of using AssureDate

Take the file containing your creation, e.g. a file containing the answer to Life, Universe, and Everything. Use a tool to create a cryptographic hash of the file, e.g. md5sum. Write an email with the cryptographic hash and the algorithm you used:

Hash: 50a2fabfdd276f573ff97ace8b11c5f4
File: my_work.odf
Algorithm: MD5

Hash: 076ffcadc0e040b86505ca50ce41cdce5a0226e2
File: my_other_work.odf
Algorithm: SHA1

Now wait and you will receive an email containing a plain-text attachment looking like this:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Date: Sun Jun  4 19:28:03 UTC 2006

Hash: 50a2fabfdd276f573ff97ace8b11c5f4
File: my_work.odf
Algorithm: MD5

Hash: 076ffcadc0e040b86505ca50ce41cdce5a0226e2
File: my_other_work.odf
Algorithm: SHA1
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEgzS4NwkfWM6jLl0RAuI0AJ0VtoSNoWTYg9CBo5G0knCW0e33GACfcsh9
7lW/VZIXPdiwBTmGNHEjjag=
=85du
-----END PGP SIGNATURE-----

Now you need to save the attachment and the original file.

To show the original is at least as old as the date in your AssureDate file you re-create the hash of the original file and then you use GnuPG to verify that the signature on the AssureDate file was created by the AssureDate key.

Disclaimer

You use this service on your own risk. The service comes with absolutely no promises or guarantees. I make no claims whatsoever that the file returned by this service is usable in a court of any kind.

Close Bookmark and Share This Page

Save to Browser Favorites / Bookmarks

Email This to a Friend

Copy HTML:

If you like this then please subscribe to the RSS Feed.