- From: Scott Cantor <cantor.2@osu.edu>
- Date: Thu, 18 Dec 2008 11:09:16 -0500
- To: "'Frederick Hirsch'" <frederick.hirsch@nokia.com>
- Cc: "'XMLSec WG Public List'" <public-xmlsec@w3.org>
> The key point is that the cert and sig lifecycle in general should not > be expected to match so the signature will need a property, such as > the "expires" property. It will be up to the deployment policy to > figure out the details of various life cycles. Hmm, isn't it more a function of the data itself to indicate that it's "expired"? I don't know that it's the right semantic to make the signature itself expire, at least for that purpose. -- Scott
Received on Thursday, 18 December 2008 16:09:58 UTC