On Tue 2015-09-22 12:22:03 -0700, Olav Seyfarth <[email protected]> wrote:
> Patrick wrote:
>> The state should depend on whether the key was valid at the time
>> of signature creation.
>
> True, but if we change to that, we rely on a (non-signed) header to
> deduct the date.
OpenPGP signatures have timestamps in them that are covered by the
cryptographic signature. This timestamp may or may not align with the
Date: header in the signed e-mail, but that's all the more reason to
use Memory-Hole-style protected e-mail headers.
--dkg
_______________________________________________
enigmail-users mailing list
[email protected]
To unsubscribe or make changes to your subscription click here:
https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
