The older a certificate, the more likely the private key to have been broken (both from a longer time to try and because technology advances make it easier), or leaked, or that domain has been lost to someone less reputable, so certificates need to have time limits.
Although it is true that the certificate structure has been monetised, and that Microsoft bought out one of the main companies in the certificate business, if there is any money going to Microsoft here, it is for inclusion of the certificate authority's root certificate in the browser/Windows, not for the individual certificates. This also applies to Authenticode, the digial signature infrastructure for code, rather than web pages. Again you can pay your money to any certifying authority, not just, the now Microsoft owned, Verisign. If anything, the real problem nowadays is that just too many people can issue certificates that will be trusted by browsers/Authenticode, and by default, they will trust certificates with very different levels of verification of the identity of the subject. WILLIS COOKE wrote: + what you were talking about. It appears to me to be generated by + Microsoft Internet Explorer rather than anything at ARRL LOTW. I have + been getting such warnings when I try to download any software that did + not give Microsoft its cut for some time, but this appears to be a new -- David Woolley "we do not overly restrict the subject matter on the list, and we encourage postings on a wide range of amateur radio related topics" List Guidelines <http://www.elecraft.com/elecraft_list_guidelines.htm> ______________________________________________________________ Elecraft mailing list Home: http://mailman.qth.net/mailman/listinfo/elecraft Help: http://mailman.qth.net/mmfaq.htm Post: mailto:Elecraft@mailman.qth.net This list hosted by: http://www.qsl.net Please help support this email list: http://www.qsl.net/donate.html