[Cryptography] SSL Certificates are expiring...
Stephan Neuhaus
stephan.neuhaus at zhaw.ch
Wed Feb 5 07:36:29 EST 2020
On 1/31/20 11:08 PM, Henry Baker wrote:
> Forget the Y2K bug, "things" are starting to break as SSL Certificates start expiring.
>
> Several authority certificates are expiring:
> 5/30/2020
> 6/21/2020
> 9/22/2020
> 12/31/2020
>
> IoT = Internet of Expired Certificates.
>
> Perfectly good HW, but with firmware that can't be updated.
I have been working with several IoT people and some solve this problem
by issuing certs that expire in the year 9999 (i.e., never). Of course
that solves the problem of the CA cert expiring, but on the other hand
this is not how it was supposed to be.
> I just hope that implantable medical devices can have their builtin certificates updated!
And I hope that IoT developers realise that the PKI model of trust is
not a good match for (much of) IoT security.
Fun
Stephan
>
> I wonder how many "smart" *cars* will stop running when their builtin SSL certificates expire?
>
> Problems: bad hash functions (MDx,SHA1) are also causing certificate
> problems even though the RSA algorithm -- even at 1024 bits -- still seems to be holding.
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> https://www.metzdowd.com/mailman/listinfo/cryptography
>
More information about the cryptography
mailing list