> From: Salz, Rich
>
> OpenSSL does nothing about this. It’s an interesting question. As for as
> TLS/SSL is concerned,
> it is only using the certificate at the time the connection is initially
> established, and therefore
> expiration (or revocation) during the application’s use of the certif
On Tue, Apr 23, 2013 at 10:17:54AM -0700, Vijaya Venkatachalam wrote:
> So at the time of openssl connection establishment, the certificate is valid.
> But while the connection is still up, the certificate expires.
The certificate was valid at the time it was verified, this is sufficient.
> Is t
OpenSSL does nothing about this. It's an interesting question. As for as
TLS/SSL is concerned, it is only using the certificate at the time the
connection is initially established, and therefore expiration (or revocation)
during the application's use of the certificate is up to the application