Re: in the department of "ain't no perfect"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Hubert

On 16.01.19 12:27, Hubert Kario wrote:
> For maintaining signatures that need to be valid long into the future 
> standards like CAdES should be used. They keep time of signing in timestamps 
> signed by trusted time-stamping authorities, along with the rest of revocation 
> data necessary to verify the original signature.


Understood.  At this point in the maturity cycle of the technology,
we're just not there yet.  My choices are, have people ignore invalid
signatures in their entirety or provide something more nuanced for now.

Eliot

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux