[xmlsec] Verify signature after certificate expired
rsalz at datapower.com
Wed Oct 9 13:10:41 PDT 2002
> Yes! When you signed it you claimed that you are the college student.
> When you graduated
> you are not college student anymore and your signature as "college
> student" is *not* valid.
So you're saying that you believe it is impossible to ever do any after
the fact audits. I can never verify that something happened "back then"
without having a current chain of cross-certified certificates up until
the present moment. Suppose the signer dies? All prior signatures are
now just ticking clocks, waiting to become invalid?
More information about the xmlsec