On Wed, Jul 22, 2015 at 09:56:24PM +0100, David Woodhouse wrote: > > The more I look at this 'signed timestamp' scheme, the more pointless > it seems in this situation. We basically don't *care* about the wall > -clock time, *and* we don't really know it. If we're going to trust > anyone to say " <THIS> was the time at which the signature was > generated", then we might as well forget the whole nonsense about an > expiry time and just trust that same third party to provide a > signature... or not.
The whole point of this signed timestamp is that the signature doesn't expire and that you don't have to care about the wall clock. Kurt _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev