On 01/-10/-28163 08:59 PM, [email protected] wrote:
Hellotoday i discovered that if a mail is signed by i expired certificate the certificate is still fetched and added to the Djigzo store. Is this useful in any case or wouldn't it be better to ignore expired certificates?
For both sides (adding it and not adding it) there are valid arguments. You are right that the certificate is no longer usable and it's therefore better not to add it (unless you add the certificate to the CTL manually and allow it to be expired). However, it adding it also helps the gateway administrator to see that a message was signed with an expired certificate. If the certificate was not added the gateway administrator would not have seen that the message was signed with an expired cert. Do you want it to be optional whether to add the certificate when the certificate is expired?
Kind regards, Martijn
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
smime.p7s
Description: S/MIME Cryptographic Signature
