Would people be interested in a gpg notarization service?

[kgo]

I know at least some people are using gpg to sign contracts before making trades.

There are still a few exploits someone could do even with a signed message.  They could modify the system clock to post date a siganture, rendering it invalid.  They could revoke the key, which means that any previous signature could be blamed on a malicious user.  There are a few other attacks as well.

I was thinking of a service that would notarize a signed message by signing with a neutral third party's key.  This indicates that the neutral third party believed the signature was valid at the time it was posted, limiting the possibilities of someone calling foul play.  It would also archive the message, with notarized signature on the website, either in clear-text for the world to see, or encrypted to the gpg keys of the parties involved, so either party could extract the contents later.

Charge would be very nominal.  Probably 0.01 btc to start.

My questions are: Are there a lot of people who actually sign gpg statements before issuing transactions?  And if you're one of these people, would you be interested in such a service?  And if so, is 0.01 btc too cheap? ;-)

[1715502655]

1715502655

[1715502655]

1715502655

[1715502655]

1715502655

[1715502655]

1715502655

[1715502655]

1715502655

[1715502655]

1715502655

[Nefario]

This would tie in very nicely with new assets being created on the stock exchange glbse.com

Signed first by the issuer, and then the notarization service.

You could also verify that a contract that is signed is valid, i.e. that it validates with the supposed public key thats being used, and clock used to sign is also ok etc.

[kgo]

This would tie in very nicely with new assets being created on the stock exchange glbse.com

Signed first by the issuer, and then the notarization service.

You could also verify that a contract that is signed is valid, i.e. that it validates with the supposed public key thats being used, and clock used to sign is also ok etc.

Yeah, that would be part of the plan.  Key exists.  Is accessible from keyserver.  Sig and date are valid.   Etc.

Thanks for the heads up on glbse.com.  I'll need to see how they're using gpg.

[kiba]

So I can use the GLBSE to sign employment contracts?

[Nefario]

So I can use the GLBSE to sign employment contracts?

For seeing how gpg is used check out some of the contracts/assets, you can see berried in the xml is an xml contract that contains the public key and is gpg clearsigned.

http://dev.glbse.com/cgi-bin/list

(May need to view source if xml doesn't show)
http://dev.glbse.com/cgi-bin/asset?id=d59b25f04a13190c792c3e4199d44e4dce23abfb63729ab269c23d668dd22184.xml

Kiba, yes you could, but you would have to write it in such a ways as it's terms are something like:

The owner of this contract (that is the purchaser), may use this to redeem from kiba (include your gpg details and contact information etc.) the work stated below:

state exactly what you will do

GPG clearsign above text.

And you would then put that contract, quantity 1 up for sale on GLBSE for the amount you want to charge. and whoever buys it is the person you work for(it also means you get the money upfront).