md-distro - Re: [md-distro] signing metadata with xmlsectool
Subject: Metadata Distribution Subcommittee of TAC
List archive
- From: Ian Young <>
- To:
- Subject: Re: [md-distro] signing metadata with xmlsectool
- Date: Sat, 26 Oct 2013 17:54:16 +0100
On 23 Oct 2013, at 18:58, Cantor, Scott
<>
wrote:
> On 10/23/13, 1:55 PM, "Tom Scavo"
> <>
> wrote:
>
>> Will the above command continue to work after March 29, 2014 (which is
>> the day the legacy CA certificate expires)?
>>
>> Will the above command continue to work after May 2, 2014 (which is
>> the day the current signing certificate expires)?
>
> I can¹t think of any reason why the certificate content would have any
> impact on signing, but I¹m sure Ian can correct me.
This was mentioned on the call. For the benefit of those who weren’t there:
as far as I’m aware, Scott is correct and XmlSecTool doesn’t look at the
expiry date of the certificate it is signing with. So it should be able to
sign using an expired certificate if that’s necessary.
-- Ian
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- [md-distro] signing metadata with xmlsectool, Tom Scavo, 10/23/2013
- Re: [md-distro] signing metadata with xmlsectool, Cantor, Scott, 10/23/2013
- Re: [md-distro] signing metadata with xmlsectool, Ian Young, 10/26/2013
- Re: [md-distro] signing metadata with xmlsectool, Cantor, Scott, 10/23/2013
Archive powered by MHonArc 2.6.16.