On Fri, May 27, 2005 at 09:17:11AM +0200, Ivan Popov wrote:
> I do not see any practical application of tokens "to be valid in the future"
> either, but it may exist. As long as we have the timestamp, it would be safest
> to check it - though we might relax the check to say "up to a minute in
> the future is ok" or something?

I just re-read,

    Integrating Security in a Large Distributed System
    Satyanarayanan, M.
    ACM Transactions on Computer Systems
    Aug. 1989, Vol. 7, No. 3, pp. 247-280 

    http://www-2.cs.cmu.edu/afs/cs/project/coda-www/ResearchWebPages/docdir/sec89.pdf

And although it briefly mentions the begin timestamp, it provides no
argument _why_ is exists. Looking at Kerberos 'history' shows that they
have the same thing which is probably where it came from. However
kerberos seems to need it because their lifetime seems to be defined as
5 minute increments from the begin timestamp, while the end timestamp
in Coda is self-sufficient, i.e. a UNIX timestamp in seconds since the
epoch.

Jan