Why are executables on Linux allowed to have a bit set to hand them root privs when exec'd? Because fuck you, that's why.
Revocation doesn't work; that's a whole topic in itself. Thus you need to rely on expiration times.
-
-
so basically the claim here is that cert expiration is sorta like a periodic unconditional revocation & so \
-
limits possible damage any stolen/broken cert can have even w/o further mitigations? that actually makes sense
-
Also CAs prune things off of CRLs pretty aggressively after expiry, because otherwise CRLs would be unbounded
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.