validate-userid: Add --validate-at=DATE (!35) · Merge requests · Daniel Kahn Gillmor / openpgp-stateless-cli

In some cases the user might want to evaluate the historical validity of a given User ID (e.g., when evaluating a certificate used to sign an archival mail). We should provide a clear way to do this historical evaluation.

Note that a data signature produces a point-in-time signature, and the process of verifying a data signature implies considering a range in which the signature could be acceptable.

But a certification produces a temporal range of validity (e.g., from when the certification is made until it expires or is soft-revoked). So, conversely, we specify a specific point in time during which we want to evaluate the User ID validity.

validate-userid: Add --validate-at=DATE

Merge request reports