|
|
|
|
|
|
by indymike
1251 days ago
|
|
|
I think what you are saying is that expiration is important. The reasoning "cryptography is razor sharp" is really hard to follow. Cryptography is precise, but what really would help people is understanding why expiration dates matter so much. Most people carry a driver's license, and have to renew it. We all know that nothing magically happened that day to change anything about the driver - so that expiration is bureaucratic. Why is the expiration date on a cert different? The layers of bureaucracy is a barrier to adoption of better security practices, and is all of our problem because at some point, you are using someone's website or api that is insecure because someone had to get one more approval or get someone to click one more button and did not. |
|
|