[thelist] Secure Site Expiration
Pete Freitag
pf at cfdev.com
Sun May 5 17:55:00 CDT 2002
It's still a secure transaction, it's all still encrypted if even if the
certificate is expired. What is the expiration date there for besides
making the cert signers more money? I suppose it lessens the problems if
your private key gets stolen since it will expire, but it doesn't add any
security.
_____________________________________________
Pete Freitag (pfreitag at cfdev.com)
CTO, CFDEV.COM
ColdFusion Developer Resources
http://www.cfdev.com/
-----Original Message-----
From: thelist-admin at lists.evolt.org
[mailto:thelist-admin at lists.evolt.org]On Behalf Of David Kutcher
Sent: Sunday, May 05, 2002 6:03 PM
To: thelist at lists.evolt.org
Subject: Re: [thelist] Secure Site Expiration
> > When we questioned it we were told "he assured me it was secure, but
that
> > their security had expired and though it was renewed, the company had
not
> > added the lock back."
The certificate from .... (name escapes me) could have expired and yes, it
does take some time to renew the certificate for SSL, but that doesn't
change the fact that it should be https which would automatically make that
"lock" icon be locked.
That is EASILY grounds for a lawsuit if in writing. I'm not a lawyer, but I
have seen a few successful cases against companies that have assured secure
transactions and in fact were not.
--
For unsubscribe and other options, including
the Tip Harvester and archive of thelist go to:
http://lists.evolt.org Workers of the Web, evolt !
More information about the thelist
mailing list