[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nmh-workers] TLS certificate validation
|
From: |
Valdis . Kletnieks |
|
Subject: |
Re: [Nmh-workers] TLS certificate validation |
|
Date: |
Sat, 24 Sep 2016 22:19:53 -0400 |
On Sat, 24 Sep 2016 12:43:55 -0400, Jeffrey Honig said:
> Any system that does not maintain up-to-date certificates is just broken;
> an invitation for security vulnerabilities to be exploited in situations
> where expired or revoked certificates can be exploited. Validating the
> certificate chain should be the default and any other option available
> should come with language that strongly discourages their use. Doing
> anything else would be giving people a false sense of security.
Like having 600+ root CA certificates *isn't* a false sense of security? :)
pgpVvul1Shuzc.pgp
Description: PGP signature
- Re: [Nmh-workers] TLS certificate validation, (continued)
- Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/24
- Re: [Nmh-workers] TLS certificate validation, Ken Hornstein, 2016/09/24
- Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Ralph Corderoy, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Ralph Corderoy, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Ken Hornstein, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Ken Hornstein, 2016/09/25
- Re: [Nmh-workers] TLS certificate validation, Jeffrey Honig, 2016/09/25
Re: [Nmh-workers] TLS certificate validation,
Valdis . Kletnieks <=
Re: [Nmh-workers] TLS certificate validation, Lyndon Nerenberg, 2016/09/26