voa-openpgp: In a high-level signature verification API, use artifact creation time to limit valid signature creation times
Consider adding a high-level signature verification API that takes an "artifact creation time" parameter, which acts as a lower bound for valid signature creation times
Also see the discussion in