On Mon, Oct 20, 2008 at 02:30:27PM +0200, Markus Wanner wrote:
> Looks like we are just approaching the problem from different angles.
> I've been analyzing what's required to convert to atomic certs (or
> super-certs or whatever you'd like to call it). I'm thinking that we
> need to clean up our c
Hi,
Daniel Carosone wrote:
> That's kind of my point about the separate date certs we have
> currently. You propose a mechanism whereby an out-of-order or
> future-dated date cert would be considered invalid and untrusted --
> instead of now where it's trusted but essentially ignored (other than
On Mon, Oct 20, 2008 at 10:31:32AM +0200, Markus Wanner wrote:
> > In particular, my concern is that despite agreeing and acknowleding
> > that there can't be a global clock, warnings or errors like this help
> > to encourage in the users' minds that there is a global clock anyway.
>
> Can we real
Hi,
Daniel Carosone wrote:
> I'm not so sure.. I'd happily go for 'strange' or some other word,
> rather than 'wrong'. At the very least, I'd like to try and work
> through all the cases we can think of where this might arise, and just
> confirm whether a sensible or legitimate interpretation c