Re: Expired certificates
- From: edward.luck@xxxxxxxxxxxxx
- Date: 27 Apr 2006 04:26:38 -0000
This is an interesting issue, and the answer really depends on how evangelistic you are regarding PKI. Since the content protected by the certificate does not use it - and I assume will never use it again - personally I don't believe it's a big problem.
*However*, people should never be given an excuse to get into the habit of ignoring certificate errors. Any time an active website uses an invalid certificate, it only encourages poor user behaviour. Ergo, you can say that it's best to remove any invalid certificates, which is being a good security citizen, which in turn helps keep the trust model of PKI working.
-------------------------------------------------------------------------
This List Sponsored by: Webroot
Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise
http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------
- Prev by Date: Re: What firewall for small medical research lab
- Next by Date: Re: Expired certificates
- Previous by thread: RE: Expired certificates
- Next by thread: Re: Expired certificates
- Index(es):
Relevant Pages
|
