[cryptography] How are expired code-signing certs revoked?
noloader at gmail.com
Thu Dec 8 11:30:42 EST 2011
2011/12/7 Marsh Ray <marsh at extendedsubset.com>:
> On 12/07/2011 07:01 PM, lodewijk andré de la porte wrote:
>> I figured it'd be effective to create a "security awareness group"
>> figuring the most prominent (and only effective) way to show people
>> security is a priority is by placing a simple marking, something like
>> "this site isn't safe!"
> I thought the international symbol for that was already agreed upon:
> On 12/07/2011 07:13 PM, lodewijk andré de la porte wrote:
>> I'm afraid signing software is multiple levels of bullocks. Imagine a
>> user just clicking yes when something states "Unsigned software, do
>> you really want to install?".
> You're just thinking of a few code signing schemes that you have direct
> experience with.
> Apple's iPhone app store code signing is far more effective for example.
More information about the cryptography