Well, I think the theoretically correct answer is that you *should*... these days all the installers can be available online, after all.
William -----Original Message----- From: Peter Gutmann [mailto:pgut...@cs.auckland.ac.nz] Sent: Wednesday, December 07, 2011 9:21 AM To: cryptography@randombit.net; pgut...@cs.auckland.ac.nz; wwh...@securityinnovation.com Subject: RE: [cryptography] How are expired code-signing certs revoked? William Whyte <wwh...@securityinnovation.com> writes: >I would say that you shouldn't *install* signed software after the >signing cert expires, but if you installed it before expiry it's still >safe to use it. That wouldn't work, consider the untold numbers of install CDs shipped with anything that you could think of conneting to a PC at some point (your shiny new digital camera, your electric toothbrush, ...). These are often extremely out-of-date, but you can't block the install just because the cert has expired. Peter. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography