LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

CA expiration

CA expiration

Posted Aug 26, 2008 23:34 UTC (Tue) by man_ls (subscriber, #15091)
In reply to: CA expiration by i3839
Parent article: Perspectives: an extension to block man-in-the-middle attacks

Suppose the first certificate expires in December 2008. During 2008 the CA issues a new certificate, signed using the old one, valid from 2008 until 2020. Now, both certificates are valid during a short period of overlap, but in 2009 the old one has expired and only the new one remains.

Of course the usual way is to go to the vendor's website and download an upgraded certificate directly, without any effective way of authentication. But that doesn't mean it is not possible.

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds