On 01/16/2010 02:56 PM, Vadkan Jozsef wrote:
what does a self-signed outdated ssl cert worth? [https] could it be tricked [https] in a way, that the end user will not recognize? [e.g. he already accepted the cert one time, and the browser would warn her, if it been ""attacked""?] ..I mean does an outdated self-signed certificate give the same security as a normal cert?
If by "outdated" you mean "expired", that is, it's not valid anymore, then any browser (or other software that uses certificates) should warn the user, regardless of whether it's self-signed or not.
-- An empty cab drove up and Sarah Bernhardt got out. -Arthur Baer, American comic and columnist Eduardo M KALINOWSKI eduardo@kalinowski.com.br