|
|
|
|
|
|
by wtallis
114 days ago
|
|
|
Do certificate revocation lists need to keep including certificates that have long since expired? I don't see why root certificates need to expire as long as the certificates signed by those roots all have reasonable expiration windows, unless someone is doing something strange about trusting formerly-valid certificates, or not checking root certificates against revocation lists. |
|
|