[Cryptography] Government shutdown: TLS certificates not renewed, many websites are down
Viktor Dukhovni
cryptography at dukhovni.org
Fri Jan 11 19:39:34 EST 2019
On Fri, Jan 11, 2019 at 03:41:09PM -0500, John Levine wrote:
> Given that, while the article's advice is technically confused (of
> course the traffic is still encrypted), the general message not to
> trust stale certs is reasonable.
A non-trivial UI question is whether on error, the UI reports all
the failures or just the first failure, and if so which one!
Suppose the certificate is both expired and has the wrong hostname?
Will the user figure that out?
--
Viktor.
More information about the cryptography
mailing list