Re: outdated ssl cert

To: debian-user@lists.debian.org
Subject: Re: outdated ssl cert
From: Eduardo M KALINOWSKI <eduardo@kalinowski.com.br>
Date: Sat, 16 Jan 2010 15:48:16 -0200
Message-id: <[🔎] 4B51FBE0.6040603@kalinowski.com.br>
In-reply-to: <[🔎] 1263660989.10565.8.camel@ubuntu>
References: <[🔎] 1263660989.10565.8.camel@ubuntu>

On 01/16/2010 02:56 PM, Vadkan Jozsef wrote:

what does a self-signed outdated ssl cert worth? [https]

could it be tricked [https] in a way, that the end user will not
recognize? [e.g. he already accepted the cert one time, and the browser
would warn her, if it been ""attacked""?]

..I mean does an outdated self-signed certificate give the same security
as a normal cert?

If by "outdated" you mean "expired", that is, it's not valid anymore,then any browser (or other software that uses certificates) should warnthe user, regardless of whether it's self-signed or not.



--
  An empty cab drove up and Sarah Bernhardt got out. -Arthur Baer,
  American comic and columnist

Eduardo M KALINOWSKI
eduardo@kalinowski.com.br

Reply to:

References:
- outdated ssl cert
  - From: Vadkan Jozsef <jozsi.avadkan@gmail.com>

Prev by Date: Re: USB disk shows up late at boot
Next by Date: Kernel compile and install does not create initrd
Previous by thread: outdated ssl cert
Next by thread: Re: outdated ssl cert
Index(es):
- Date
- Thread