AD asks: section 7.4.2.2: If the signer's cert has expired, is a signature on a stored value still considered valid or not? One issue is that if any revocation/status checking is supported then there may not be any such information available for expired certs. Another issue is that if you do consider signatures only verifiable with non-expired certs, then a lot can go wrong when a cert expires and its hard to fix that up. I don't have a good solution to offer, but maybe you have an answer?
In the current doc, 7.1 says: When signatures are verified, the current time MUST be compared to the certificate validity period. However, it is permitted to have a value signed which expires after a certificate's validity period (though this will likely cause verification failure at some future time.) I understand that some implementations flush any object for which the signing certificate has expired; that is, the upper TTL for an object is the remaining validity period for the signing certificate. This could be enforced on insertion, or by audit/cleanup processes. How do we want to handle it? -- Dean _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
