Temporary solutions that "work" tend to become permanent solutions. That's how products end up shipping with hard-coded admin passwords or similar back doors. Charles -----Original Message----- From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of Hubert Kario Sent: Wednesday, January 16, 2019 6:47 AM To: Eliot Lear Cc: openssl-users@xxxxxxxxxxx Subject: Re: in the department of "ain't no perfect" On Wednesday, 16 January 2019 13:22:53 CET Eliot Lear wrote: > Hi Hubert > > On 16.01.19 12:27, Hubert Kario wrote: > > For maintaining signatures that need to be valid long into the > > future standards like CAdES should be used. They keep time of > > signing in timestamps signed by trusted time-stamping authorities, > > along with the rest of revocation data necessary to verify the original signature. > > Understood. At this point in the maturity cycle of the technology, > we're just not there yet. My choices are, have people ignore invalid > signatures in their entirety or provide something more nuanced for now. you don't have to start with implementing the full CAdES-LTA, you can start with just adding support for timestamping, the CAdES-T using time from the signature to verify it is as good as ignoring the certificate expiration date - if you need to make the signatures verifiable now, do that, not use the false sense of security of using easily fakeable date -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
