[Bug 59626] signed pgp/mime mail with expired key shows bad signature
kavol at seznam.cz
Mon Oct 8 12:00:19 CEST 2007
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
------- Additional Comments From kavol seznam cz 2007-10-08 12:00 -------
> So is KMail at fault here or isn't it?
I see it as a KMail fault ... the signature is valid - if the email was *sent (and signed) before the expiration date then the signature cannot be invalidated just because time passes; the signature would be invalid if it was *created*, not read, after the expiration date
imagine a real world example - you sign some agreement for a limited time frame, e.g. one year; after some more years things go wrong and the agreement becomes important at court ... could you imagine that the judge says, looking at the paper with your signature, that the signature is invalid, the ink on the paper (and the record at the attorney) cannot be taken as a proof that you signed it, just because the agreement has expired a few years in the past?
More information about the Kdepim-bugs