Validity Models

Abstract

In this chapter we deal with validity models for digital signatures in the hierarchical trust model. In order to explain what we mean by this, we start with an example. Paul sells his house to Anna on 1 October 2009. Paul signs the sales contract digitally. The certificate that authenticates Paul's signature verification key expires on 31 July 2010. Should Paul's signature still be considered valid after the certificate has expired? In the most common validity models, for example in the shell model from the PKIX standard, the answer is ``no''. This does not seem to make much sense since the transaction is still valid. Therefore, the German signature law requires an electronic signature to be valid independent of the expiration of the certificate as long as the certificate was valid at the time the signature was created. This so-called chain model is a completely different validity model for signatures. In this chapter we discuss the various validity models for digital signatures in more detail.