Zitat von Christine <[email protected]>:
On 05/04/2010 10:37 AM, [email protected] wrote:Hellobecause of code-signing we digg around in secure timestamps according to RFC 3161. This is a extension which is used to solve the problem of expired certificates and the need to know if the certificate was valid at time of signing. As far as i know this would also apply to S/MIME so signed messages can be validated even if the certificate in question is expired. Does anybody know if this would be useful or even supported by mailclients. If yes it may be worth to be added to Djigzo in the future?I think that would be a useful feature. But in order to generate good timestamps, you need to have proper hardware to generate the timestamps, like the hardware that nCipher is selling. This would require an investment from the party hosting the timestamp server. Alternatively, Djigzo could provide the extension to generate the timestamp from a third party server. This would require availability of such a server during development. dagdag Christine
The availability should not be a problem as for example https://tiemstamp.geotrust.com/tsa (Verisign) or http://www.startssl.com/timestamp (StartSSL) could be used. The bigger problem would be scalability and the lack of support from mailclients i guess. Anyone aware of a mailclient capable of timestamp support??
Regards Andreas
smime.p7s
Description: S/MIME Signatur
_______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
