diff --git a/book/source/09-verification.md b/book/source/09-verification.md index c9423db..747de78 100644 --- a/book/source/09-verification.md +++ b/book/source/09-verification.md 
@@ -10,9 +10,23 @@ SPDX-License-Identifier: CC-BY-SA-4.0 ## When are signatures valid? +There is a difference between signature *correctness* and *validity*. +A signature might be correct, but still disqualify as a valid signature. + The validity of a signature is constrained by a number of conditions. -First and foremost, a signature must be cryptographically correct, meaning the signature as well as the signed information must be intact. -Futhermore, signatures on a certificate form a chain, originating from the certificates primary key down to signatures issued by the certificate. +First and foremost, a signature must be cryptographically correct, meaning the signature, as well as the signed information must be intact. + +### Temporal validity + +A signature is valid only for a constrained period of time. +A hard, lower constraint for the validity period is the creation time of the signature. +An upper constraint might be its expiration time. + +When checking a signature for validity, a reference time is defined. +For an email that might be the signature creation time itself, or the reception date. +For the signature to qualify as valid, it needs to be effective, in other words, the reference time must fall into the period from signature creation to signature expiration. + +Futhermore, signatures on a certificate form a chain, or rather a tree of signatures, originating from the certificates primary key down to signatures issued by the certificate. In order to verify, whether a signature is valid, the whole signature chain must be checked, taking expiration dates, capabilities and revocations into account. For example, in order to verify a data signature over a text document, an implementation would need to verify not only the data signature itself, but also the binding signature (and back-signature) of the signing subkey, as well as the direct-key signature on the primary key of the issuer certificate.
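Review bot: The paragraph beginning "Futhermore, signatures on a certificate form a chain, or rather a tree of signatures" now falls under the new "### Temporal validity" heading, although it is about verifying the whole signature chain (capabilities and revocations as well as expiration dates). It should move above the heading or get its own subsection. That same added line carries over two typos from the line it replaces: "Futhermore" should be "Furthermore" and "certificates primary key" should be "certificate's primary key". In the temporal text, "An upper constraint might be its expiration time" leaves open what the upper bound is when no expiration time is set, so the rule "the reference time must fall into the period from signature creation to signature expiration" is incomplete for that case; one sentence covering it would close the gap. The comma added in "meaning the signature, as well as the signed information must be intact" is unpaired: add a matching comma after "information" or drop it. "disqualify as a valid signature" would read more clearly as "still not qualify as a valid signature".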