[CentOS] https and self signed
Walter H.
Walter.H at mathemainzel.infoThu Jun 16 18:50:22 UTC 2016
- Previous message: [CentOS] https and self signed
- Next message: [CentOS] https and self signed
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 16.06.2016 20:09, Gordon Messmer wrote: > On 06/16/2016 10:53 AM, Walter H. wrote: >> lets encrypt only trusts for 3 months; would you really except in an >> onlineshop, someone trusts this shop? >> let us think something like this: "when the CA only trusts for 3 >> months, how should I trust for a longer period >> which is important for warranty ..." > > I doubt that most users check the dates on SSL certificates, unless > they are familiar enough with TLS to understand that a shorter > validity period is better for security. technically there is more: not the user needs to check the dates a SSL certificate is valid; just compare it with real life: which salesman would you trust more - the one that gets a new car every few years, which has the same advertisings on it and maybe has the same color, or the other one that gets nearly every month a new car, which looks totally different, other color and other advertisings on it? (and its not a car dealer) the same its with SSL certificates; so you have to find the golden middle way, as long as enough without loosing the security and not too short to prevent not to get trust; Walter
- Previous message: [CentOS] https and self signed
- Next message: [CentOS] https and self signed
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list