[cryptography] How are expired code-signing certs revoked?

Marsh Ray marsh at extendedsubset.com
Thu Dec 8 11:07:59 EST 2011


On 12/08/2011 09:16 AM, Darren J Moffat wrote:
> On 12/07/11 14:42, William Whyte wrote:
>> Well, I think the theoretically correct answer is that you *should*...
>> these days all the installers can be available online, after all.
>
> Except when the installer CD you need is the one for the network driver
> on the new machine without which you can't get online !

There are systems that aren't online, and there are systems that 
shouldn't be online for good reasons. For example the power grid.

If we consistently neglect this scenario, then if the Internet ever 
suffers more than a brief outage we could find ourselves rebuilding 
society from the iron age.

- Marsh



More information about the cryptography mailing list