tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Shipping SSL certificates in the base system

On Mon, Jul 03, 2017 at 12:56:38AM +0000, Emmanuel Dreyfus wrote:
 > On Mon, Jul 03, 2017 at 12:45:17AM +0200, Joerg Sonnenberger wrote:
 > > The only problem I see is that outdated timezone data doesn't
 > > necessarily have a real world impact. Outdated root CAs can.
 > Most of the time, outdated things in a system is dangerous. Known 
 > security vulnearbilities accumulate over the time, and outdated
 > CA are just a bit of that problem. 
 > Oudated stuff that is not a security hazard, like timezone data,
 > is rather scarce.

Most outdated stuff is also not as serious a hazard as bad CA keys.

David A. Holland

Home | Main Index | Thread Index | Old Index