[117399] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: delegating SSL certificates

daemon@ATHENA.MIT.EDU (Ben Laurie)
Sun Mar 16 10:31:27 2008

Date: Sun, 16 Mar 2008 11:32:54 +0000
From: Ben Laurie <ben@links.org>
To: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <20080225220143.GC8561@subspacefield.org>

travis+ml-cryptography@subspacefield.org wrote:
> So at the company I work for, most of the internal systems have
> expired SSL certs, or self-signed certs.  Obviously this is bad.

You only think this is bad because you believe CAs add some value.

SSH keys aren't signed and don't expire. Is that bad?

-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post