ietf-mailsig
[Top] [All Lists]

Re: the meaning of a mailsig signature

2004-11-08 07:04:47


On Sun, 7 Nov 2004, Jim Fenton wrote:

A related question is the need to support backward validity of keys.  
If I send a message on Thursday, change ISPs on Friday, should it be 
possible to verify the message on Sunday?

There should be some period in which the previous key is active for
verification purposes even if you started using new key. That period
should be maximumemail delivery time, i.e. about 5 or 7 days.

Note that above does not apply if if key is compromised, then its better
to just remove it. 

-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net


<Prev in Thread] Current Thread [Next in Thread>