On certificates and validation

Björn Wärmedal bjorn.warmedal at gmail.com
Thu Nov 26 11:02:12 GMT 2020


> Ssh doesn't expire its keys, and isn't worse for that.

This is the analogue I was looking for. SSH doesn't care about Common
Name or other cruft in the cert, either.

I agree that some sort of sanity check is nice, but at the same time I
have trouble finding a philosophical or practical reason for doing any
sort of validation on first use, and any beyond "same as last time" on
subsequent visits.

Yes, Drew says I should. But are there any arguments supporting that position?

Cheers,
ew0k
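
The policy discussed in the message above (no validation on first use, only "same as last time" on later visits) can be sketched as follows. This is an added example, not part of the original message or of any Gemini client; `TofuStore`, `fetch_der` and the JSON pin file are hypothetical names, and the certificate bytes used to exercise it would be whatever DER blob the server presents.

```python
import hashlib
import json
import socket
import ssl
from pathlib import Path


def fetch_der(host, port=1965, timeout=10):
    """Fetch the server's leaf certificate as DER bytes.

    No CA chain, Common Name or expiry checks are done here; the pin
    comparison in TofuStore.check() is the only validation.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


class TofuStore:
    """Hypothetical pin store: one SHA-256 fingerprint per host:port."""

    def __init__(self, path):
        self.path = Path(path)
        self.pins = json.loads(self.path.read_text()) if self.path.exists() else {}

    def check(self, host, port, der):
        """Return 'first-use', 'match' or 'mismatch' for this certificate."""
        key = f"{host.lower()}:{port}"
        fingerprint = hashlib.sha256(der).hexdigest()
        known = self.pins.get(key)
        if known is None:
            # First visit: nothing to compare against, so pin and accept.
            self.pins[key] = fingerprint
            self.path.write_text(json.dumps(self.pins, indent=2))
            return "first-use"
        # Later visits: "same as last time" is the whole check.
        # A mismatch never overwrites the pin; the caller decides what to do.
        return "match" if known == fingerprint else "mismatch"
```

A caller would pass `fetch_der(host)` to `check()` and refuse or prompt on `"mismatch"`, much as an SSH client does when a host key changes.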

