Regardless of whether this stops the DOS attack or not, I think that it is
important that the dates on the certificates be trustworthy.
That is really really hard. In fact it seems pretty much impossible,
especially for backdating. That's because there does not seem to be
any obvious way to distinguish between a certificate that I signed a
long time ago, and you are now just seeing (due a sync/push), and one
that I just now intentionally and maliciously backdated.
I think in Monotone is it more useful to reason about causality using
the explicit revision graph rather than try to bring trusted global
clocks into it.