Full Disclosure mailing list archives
Re: Expired certificate
From: Larry Seltzer <larry () larryseltzer com>
Date: Fri, 16 Jul 2010 13:15:52 -0400
It's better than nothing, but it speaks ill of the agency. Yes, the encryption is the same. Certificates have expiration dates so that the verification that happens at the time the cert is acquired can have some "freshness." So if it's just expired, well it's no biggie, especially if this is a plain SSL certificate which doesn't verify all that much anyway. -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Daniel Sichel Sent: Friday, July 16, 2010 1:10 PM To: full-disclosure () lists grok org uk Subject: [Full-disclosure] Expired certificate OK, I am in the Golden state (California) where things are not so golden at the moment. I deal with a state agency and use their "secure" ftp site. Their certificate has expired and won't be renewed for a few weeks, but they want me to continue to ftp stuff Using their expired cert. So, as a relative n00b, what are the risks? Does it still encrypt even though, obviously, it can't be verified? My guess is that this still encrypts, but there is no authentication, possibly creating a man in the middle opportunity for some Nefarious person with evil intent (nobody I know, or who is on this list, of course). Anyway, any info would be welcome from the cognoscenti who subscribe here. Thanks, Dan Sichel _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Expired certificate Daniel Sichel (Jul 16)
- Re: Expired certificate Larry Seltzer (Jul 16)
- Re: Expired certificate Dimitry Andric (Jul 16)
- Re: Expired certificate Valdis . Kletnieks (Jul 16)
- Re: Expired certificate Jan Schejbal (Jul 21)
- Re: Expired certificate Ryan Castellucci (Jul 22)
- Re: Expired certificate Dimitry Andric (Jul 16)
- Re: Expired certificate Junk Meat (Jul 16)
- Re: Expired certificate bk (Jul 16)
- Re: Expired certificate Junk Meat (Jul 16)
- Re: Expired certificate bk (Jul 16)
- Re: Expired certificate Junk Meat (Jul 17)
- Re: Expired certificate Dan Kaminsky (Jul 17)
- Re: Expired certificate bk (Jul 16)
- Re: Expired certificate Larry Seltzer (Jul 16)