2011/5/7 MFPA <[email protected]> > On Saturday 7 May 2011 at 9:56:14 PM, in > <mid:[email protected]>, Ingo Klöcker wrote: > > > > It depends on your definition of "valid". In my book a > > signature can only be valid if the corresponding key > > is valid. Expired keys are not valid (anymore). > > I thought a key was incapable of making signatures with timestamps > beyond its expiry time but could still be used to verify signatures > that already existed.
Definitely. I get his point about rejecting them entirely though, as it is (and that's what this dicussion is all about) difficult to verify the (actual) signature time. -- Jerome Baum tel +49-1578-8434336 email [email protected] -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
