[xmlsec] Verify signature after certificate expired

Aleksey Sanin aleksey at aleksey.com
Wed Oct 9 12:54:59 PDT 2002

Yes! When you signed it you claimed that you are the college student. 
When you graduated
you are not college student anymore and your signature as "college 
student" is *not* valid.
Certificate is not only a key but also your "digital identity". When 
certificate expires your
identity is no longer valid. If you want your signature to be valid 
after you graduate you need
to use your personal cert with longer expiration time.



> Signatures must be valid even after the signing certificate has 
> expired. Anything else is just non-sensical.  Example:  I go to 
> college, get a certificate from my school, use the key to sign a PDF 
> that contains my thesis.  I graduate and the cert expires.  Is my 
> thesis no longer considered to be signed?
>     /r$

More information about the xmlsec mailing list