Verify that GnuPG does not leak timezone in email signatures

Hi,

TorBirdy design doc [1] is a mentions potential timezone leak by thunderbird. Otherwise there is no information about potential timezone leak by GPG. GPG includes time when it is used to sign content.

The PGP RFC [2] tell that time fields should be in UTC. In my tests, GPG and enigmail print the date in local format. So it would be interesting to verify if they fully respect RFC and send messages with date in UTC.

[1] https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/TorifyHOWTO/EMail/Thunderbird/Thunderbird%2BTor.pdf
[2] https://tools.ietf.org/html/rfc4880#section-3.5

Parent Task: #5663 (closed)

Related issues

Related to #6284

Original created by @geb on 7103 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information