[cryptography] How are expired code-signing certs revoked?

Jeffrey Walton noloader at gmail.com
Thu Dec 8 11:30:42 EST 2011


2011/12/7 Marsh Ray <marsh at extendedsubset.com>:
>
> On 12/07/2011 07:01 PM, lodewijk andré de la porte wrote:
>>
>> I figured it'd be effective to create a "security awareness group"
>> figuring the most prominent (and only effective) way to show people
>> security is a priority is by placing a simple marking, something like
>>  "this site isn't safe!"
>
>
> I thought the international symbol for that was already agreed upon:
> goatse.cx
>
>
>
> On 12/07/2011 07:13 PM, lodewijk andré de la porte wrote:
>>
>> I'm afraid signing software is multiple levels of bollocks. Imagine a
>>  user just clicking yes when something states "Unsigned software, do
>> you really want to install?".
>
>
> You're just thinking of a few code signing schemes that you have direct
> experience with.
>
> Apple's iPhone app store code signing is far more effective for example.
https://krebsonsecurity.com/2011/11/apple-took-3-years-to-fix-finfisher-trojan-hole/


