[Users] Certificate pop-up message

ratinox at gweep.net ratinox at gweep.net
Thu Oct 4 17:58:41 CEST 2012

On Thu, 4 Oct 2012 12:47:35 +0100
Kevin Chadwick <ma1l1ists at yahoo.co.uk> wrote:

> It's in the spec, so fair enough but the date doesn't actually matter
> assuming a high enough bit key, just whether the key is secure and
> currently valid matters, which should be verified anyway. This could

An expired certificate is neither secure nor valid. This is what
"expired" means. It's the very definition of the term.

> even be a user issue that he can't solve, such as a flat bios battery.
> Something the HSTS (i think that's the right one) chose to ignore when
> prodded even though it stops me using it on my site as some users
> such as a mate of mine would get a needless DOS when a forced redirect
> such as via PHP that allows ignoring the date would do.

Are you serious? Dates and times are important to proper mail handling
and even more important to high-level crypto-systems like Kerberos and
SSL. If your friend's computer's clock doesn't work then the computer
is broken. Tell your friend to fix his computer or get it fixed.

\m/ (--) \m/

More information about the Users mailing list