Re: https and self signed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, June 20, 2016 19:16, Gordon Messmer wrote:
> On 06/20/2016 07:47 AM, James B. Byrne wrote:

>> Exactly what mindless person or committee of bike-shedders decided
>> that software should be distributed so that copies of it expire?
>
> Expiration is a fundamental aspect of x509 certificates.  Do you
> understand x509 at all?

with all its problems; look just a little bit into the future;
when I sign a document today, the certificate I sign this document maybe
valid till the end of next year (end of the year 2017);
let us think this is an important document; and let us think you were a
young boy now;
in case the software still exists in the next 50 years, the diagnosis if
the document has been modified is easy, but ...
how would you be able to verify that this document hasn't been signed by a
certificate that had been revoked when you are an old man?


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux