Enhancement idea: Add rule type to block based on signing time
It might be nice to have the ability to block old applications from running.
We'd likely need a rule type that combines a Cert Hash with a Timestamp value. Binaries signed with that certificate would then only be allowed to run if they were signed after the given time.
This is similar to a request to block by version, but is perhaps more workable generically.
There are some limitations to this proposal when it is used to block old, potentially known-bad versions. For example, if a company maintains more than one release train, with the older trains being vulnerable, there might be newer releases of the old train that would pass this check (e.g. v3.* is vulnerable and a fix cannot be backported, but both v3.* and v4.* are maintained, so the company could release v3.5 after v4.0).
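To make the proposed rule concrete, here is an added example (not code from this issue or from any project) of how a combined cert-hash-plus-signing-time rule could be evaluated; the rule and signature structures, and the use of a trusted countersignature timestamp as the signing time, are assumptions. The sample binaries also show the release-train limitation described above: a later build of the old train still passes.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, Optional

# Assumed rule shape: one entry per signing-certificate hash, carrying the
# earliest acceptable signing time. Binaries signed with that certificate
# before `not_before` are blocked; those signed at or after it are allowed.
@dataclass(frozen=True)
class SignedAfterRule:
    cert_sha256: str
    not_before: datetime  # must be timezone-aware

# Assumed view of a binary's signature. `signed_at` should come from a
# trusted timestamp (e.g. a countersignature), not from a field the signer
# can set freely; None means no trustworthy signing time is available.
@dataclass(frozen=True)
class BinarySignature:
    cert_sha256: str
    version: str
    signed_at: Optional[datetime]

def evaluate(rules: Dict[str, SignedAfterRule], sig: BinarySignature) -> str:
    """Return 'ALLOW', 'BLOCK', or 'NO_RULE' for a signed binary."""
    rule = rules.get(sig.cert_sha256)
    if rule is None:
        return "NO_RULE"   # no rule for this certificate; defer to other rule types
    if sig.signed_at is None:
        return "BLOCK"     # fail closed when no trustworthy signing time exists
    if sig.signed_at.tzinfo is None or rule.not_before.tzinfo is None:
        raise ValueError("signing times must be timezone-aware")
    return "ALLOW" if sig.signed_at >= rule.not_before else "BLOCK"

# Constructed sample data: one vendor certificate, fix shipped in v4.0 in 2024.
VENDOR_CERT = "aa" * 32  # placeholder hash, not a real certificate
RULES = {VENDOR_CERT: SignedAfterRule(VENDOR_CERT, datetime(2024, 1, 1, tzinfo=timezone.utc))}

def sample_binaries() -> Dict[str, BinarySignature]:
    utc = timezone.utc
    return {
        "v3.4": BinarySignature(VENDOR_CERT, "3.4", datetime(2023, 6, 1, tzinfo=utc)),
        "v4.0": BinarySignature(VENDOR_CERT, "4.0", datetime(2024, 1, 15, tzinfo=utc)),
        # Release-train limitation: a later build of the vulnerable v3 train is
        # signed after the cutoff and therefore passes the rule.
        "v3.5": BinarySignature(VENDOR_CERT, "3.5", datetime(2024, 3, 1, tzinfo=utc)),
        "unstamped": BinarySignature(VENDOR_CERT, "4.1", None),
    }

def decisions() -> Dict[str, str]:
    return {name: evaluate(RULES, sig) for name, sig in sample_binaries().items()}
```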