Skip to content

Commit

Permalink
Don't eagerly reject expired or revoked certificates.
Browse files Browse the repository at this point in the history
  - Even if a certificate is expired or revoked, it doesn't mean that
    it is completely useless.  If a signature was made before the
    certificate expired, or before any soft revocation, then it may
    still be valid.

  - This is safe, because we still check that a certificate is valid
    when we check a signature.

  - Fixes #59.
  • Loading branch information
nwalfield committed Jan 22, 2024
1 parent 149a109 commit df0fed3
Showing 1 changed file with 0 additions and 2 deletions.
2 changes: 0 additions & 2 deletions src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1672,7 +1672,6 @@ fn _pgpPubKeyLint(pkts: *const c_char,
unspecified reason");
}
}
break 'done false;
}

if let Err(err) = vc.alive() {
Expand All @@ -1685,7 +1684,6 @@ fn _pgpPubKeyLint(pkts: *const c_char,
err));
}
}
break 'done false;
}
}
};
Expand Down

0 comments on commit df0fed3

Please sign in to comment.