GnuPG future timestamp checks and security
Werner Koch
wk at gnupg.org
Mon Mar 4 11:13:10 CET 2013
On Wed, 27 Feb 2013 17:01, casey.marshall at gmail.com said:
> I'm considering ignoring the time checks (--ignore-time-conflict,
> --ignore-valid-from) due to clock drift being a common problem in my
> application.
That is why we added these options.
> What was the motivation for adding the timestamp checks? Specifically,
> are there security implications to disabling them I should be
> concerned about?
A bad timestamp may be a sign for some other bug on the sending site.
whether it is a security problem, depends on the application.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list