|
| From: | Ken Hornstein |
| Subject: | Re: [Nmh-workers] TLS certificate validation |
| Date: | Sat, 24 Sep 2016 22:13:53 -0400 |
>Any system that does not maintain up-to-date certificates is just broken; >an invitation for security vulnerabilities to be exploited in situations >where expired or revoked certificates can be exploited. Validating the >certificate chain should be the default and any other option available >should come with language that strongly discourages their use. Doing >anything else would be giving people a false sense of security. I'm not DISAGREEING with you that it's important; I just wonder how good of a job operating systems do here. More investigation is needed. --Ken
| [Prev in Thread] | Current Thread | [Next in Thread] |