
Re: [Monotone-devel] Re: key trust


From: Brian Campbell
Subject: Re: [Monotone-devel] Re: key trust
Date: Wed, 12 Oct 2005 11:45:33 -0400

On Oct 12, 2005, at 4:36 AM, Richard Levitte - VMS Whacker wrote:

> I think you're operating under some false assumptions.  Just because a
> certificate was revoked yesterday, it doesn't mean that a signature
> made a week ago suddenly becomes invalid.  All that's needed is to
> attach a datetime to the thing being signed before signing it, and
> compare that to the revocation datetime to know if the signature is to
> be regarded as valid or not.

How do you know if the datetime is honest? If I have my certificate revoked, I could create a revision with a date/time earlier than the revocation and push it to a server. If you wanted to actually make sure things happened at the right date and time, you'd have to have a centralized, trusted, timestamping server. Pretty much the only thing you can do in a system like monotone is list a set of revisions, and say all of those revisions are still trusted, while any more from someone with that certificate are not.

Actually, I'm wondering if it wouldn't be simpler to just re-sign all certificates for existing revisions that are signed with a key that is about to be revoked.
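The two trust policies discussed in this message, side by side, as an added example that is not part of the original post or of monotone's code. It assumes HMAC as a stand-in for monotone's public-key signatures; the key, revision names, timestamps and function names are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data. HMAC stands in for a public-key signature (assumption).
KEY = b"constructed-demo-key"
REVOKED_AT = 1129000000  # constructed revocation time, Unix seconds


def sign_cert(key, revision_id, claimed_time):
    """Sign a cert whose date is whatever the signer writes into it."""
    payload = f"{revision_id}|{claimed_time}".encode()
    sig = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"revision": revision_id, "time": claimed_time, "sig": sig}


def signature_ok(key, cert):
    """Check that the signature covers the revision id and the claimed date."""
    payload = f"{cert['revision']}|{cert['time']}".encode()
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, cert["sig"])


def trust_by_date(key, cert, revoked_at):
    """Policy 1: accept if the signed date precedes the revocation date."""
    return signature_ok(key, cert) and cert["time"] < revoked_at


def trust_by_snapshot(key, cert, trusted_revisions):
    """Policy 2: accept only revisions listed as trusted at revocation."""
    return signature_ok(key, cert) and cert["revision"] in trusted_revisions


# A cert genuinely made a day before revocation, recorded in the snapshot.
honest = sign_cert(KEY, "rev-a", REVOKED_AT - 86400)
TRUSTED_AT_REVOCATION = frozenset({"rev-a"})

# A cert made after revocation by the key holder, with an earlier date written in.
backdated = sign_cert(KEY, "rev-b", REVOKED_AT - 3600)


def evaluate():
    """Return each policy's verdict on the honest and the backdated cert."""
    return {
        "honest_by_date": trust_by_date(KEY, honest, REVOKED_AT),
        "backdated_by_date": trust_by_date(KEY, backdated, REVOKED_AT),
        "honest_by_snapshot": trust_by_snapshot(KEY, honest, TRUSTED_AT_REVOCATION),
        "backdated_by_snapshot": trust_by_snapshot(KEY, backdated, TRUSTED_AT_REVOCATION),
    }
```

The date comparison cannot tell the two certs apart because the date is part of what the key holder signs; the snapshot check depends only on a list fixed by whoever performs the revocation.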


