Nice guidelines,

I would like to see the following (maybe in some better wording) added to it:
look for valid is true ...
and check out if the token isn't just a copy paste from an old publiced token,
by checking the age of the timestamp value which gives you the amount of seconds between the genesis block and the token generation ...
this can be done by dividing the timestamp (which gives you the amount of seconds between the genesis block and the token generation) value by ( 60 seconds * 60 minutes * 24 hours) and then deduct the resulting amount of days on a date calculator from the current date.
If the result is -+ 1 day from 24 november 2013 it means it is a recent token...
It would also be nice (or even standard) if the escrows would immedietly post a token, with the tread title and date plus time as website (or message),
on trading threads where they act as escrow,
so we can immedietly exclude the possibilty that their forum or email account was compromised.
Even nicer would be if the nrs client (or some other client, wesleys for example) would automaticly return the age of the token like this for example:
{
"timestamp": 18265159,
"valid": true,
"age": 2 days, 4 hours, 25 minutes and 30 seconds
"accountRS": "NXT-UWKJ-GFEV-AGY4-5C4YS",
"account": "4357314498768237104"
}
It is just to easy to copy paste a valid old token...