> David's apparent statement is "the person trusting the time is the > person generating the key." > Michael's apparent idea is "if you're generating it and including it > in the key format, then you're making an assertion which must > trustable by people other than the person generating the key." > > -Kyle H
You have to have absolute trust in any entity that will generate or store your private key. Thus you can trust any information in it -- anyone who could put in bogus information could give away your key to strangers. (By absolute trust, I mean with respect to anything you would use that private key for.) DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]