On 05/09/2011 10:53 AM, [email protected] wrote: > today i discovered that if a mail is signed by i expired certificate > the certificate is still fetched and added to the Djigzo store. Is > this useful in any case or wouldn't it be better to ignore expired > certificates?
Does it harm to store them? If you store a cert that expires one day later, you also have an expired cert. If someone decides to sign their messages with an expired cert, there may be a reason for that. I generally don't mind expired certs. I think Djigzo shouldn't thow away certs with which messages have been signed. dagdag Christine _______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
