Certs by a revoked key
David Shaw
dshaw@jabberwocky.com
Sun Feb 23 15:03:01 2003
On Sun, Feb 23, 2003 at 12:32:35PM +0100, Erwan David wrote:
> Le Sun 23/02/2003, Jan Niehusmann disait
> > On Fri, Feb 21, 2003 at 07:21:51AM -0500, David Shaw wrote:
> > > No, because unless you are talking about a very special use where the
> > > sender and receiver have rigidly controlled clocks and nobody else can
> > > participate, there is no way to tell whether the "old signatures"
> > > predate the revocation or not.
> >
> > But that's exactly what I said: Because we don't know if a signature was
> > made before or after the revocation, we should assume all signatures
> > from made with a revoked key as invalid. Or at least give a big
> > warning. And for certs, we should not use them in trust calculation.
>
> so that's a poin in which S/MIME pkcs#7 are better, since signature
> contains a (signed) signing time...
No, they are the same. PGP signatures contain a signed signing time
as well. In both cases, the signing time is only as reliable as the
signer's clock.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson