Missing time validation of S/MIME signatures/encryption.
Evolution seems to lack the time validation of the certificate/signatures.
E.g. Attacker stole my S/MIME certificate, which is valid from 1.1.2017 to 31.12.2017. If he send me email signed with this certificate, it will show green bar with "Valid signature". But this certificate is almost two year invalid.
Can you confirm this issue, or it's only my fault?
If yes, it's possible to verify certificate validity against received date provided by our(==last) mailserver? (We can suppose, that only our mailserver is reliable and have correct time.)
I'm running Evolution 3.30.5-1.1 on Debian.