>> What matters is not the certificate. The certificate is public.
>> You can’t “steal" a certificate.
>>
>> What you *can* steal is the private key associated with a
>> certificate, and the more time goes by the more likely it becomes
>> that someone has done so.
>>
>> However, the expiration dat
Ron Garret writes:
> The whole idea of an expiration date (rather than an issue date)
> on a certificate is a sort of a scam by the CAs to coerce people
> into renewing (and hence paying for) their certificates on a regular
> schedule. I think some CAs don’t even enforce the use of a new key
> whe
John R. Levine writes:
> >But all of this is rather a moot point nowadays. Now that letsencrypt is
> >live, there is no reason to pay for a cert any more.
>
> Try getting a let's encrypt cert for your mail server. Or getting an EV
> cert.
EV certs are definitely not available from Let's Encry
Authors of ransomware as a service such as encryptor RaaS steal
certificates all the time.
On 6/24/2016 2:30 PM, Ron Garret wrote:
What matters is not the certificate. The certificate is public. You can’t
“steal" a certificate.
What you *can* steal is the private key associated with a cert
EV certs are definitely not available from Let's Encrypt, but you can
get a certificate for your mail server by using the DNS challenge type,
which just requires you to place a specified record into your DNS zone.
While the Certbot client doesn't support this mechanism, several other
Let's Encrypt
On Fri, Jun 24, 2016 at 2:30 PM, Ron Garret wrote:
> What matters is not the certificate. The certificate is public. You can’t
> “steal" a certificate.
>
> What you *can* steal is the private key associated with a certificate, and
> the more time goes by the more likely it becomes that someone
But all of this is rather a moot point nowadays. Now that letsencrypt is live,
there is no reason to pay for a cert any more.
Try getting a let's encrypt cert for your mail server. Or getting an EV
cert.
R's,
John
___
cryptography mailing list
cr
What matters is not the certificate. The certificate is public. You can’t
“steal" a certificate.
What you *can* steal is the private key associated with a certificate, and the
more time goes by the more likely it becomes that someone has done so.
However, the expiration date is completely arb
In article <576d6d35.3080...@gmail.com> you write:
>Do you want to take chances in a world of stolen certificates?
Why is this certificate more likely to be stolen today than it was a
week ago? It's the same certificate, it hasn't changed.
R's,
John
>On 6/24/2016 11:09 AM, Jason Richards wrote
Do you want to take chances in a world of stolen certificates?
On 6/24/2016 11:09 AM, Jason Richards wrote:
I just downloaded the new MBAM installer.
Its certificate expired 6/19/2016.
Should I just ignore that fact?
I wouldn't ignore it at all.
The certificate that signed the code expired?
>> I just downloaded the new MBAM installer.
>>
>> Its certificate expired 6/19/2016.
>>
>> Should I just ignore that fact?
>
> I wouldn't ignore it at all.
The certificate that signed the code expired? If the certificate was
valid when the code was signed then there should be no issues. Nothing
I wouldn't ignore it at all.
On 6/21/2016 1:25 PM, rv...@insightbb.com wrote:
I just downloaded the new MBAM installer.
Its certificate expired 6/19/2016.
Should I just ignore that fact?
___
cryptography mailing list
cryptography@randombit.net
http:
I just downloaded the new MBAM installer.
Its certificate expired 6/19/2016.
Should I just ignore that fact?
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
13 matches
Mail list logo
