by freeone3000 701 days ago
Certs should be checked against a CRL and CT for revocation, and expired certs should never be accepted, for this reason among others.
1 comments

CT isn't used for revocation. CRLs aren't really a thing in practice. Refusing to accept expired certs is important for other reasons but won't save you from a reused ECDSA nonce.