[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: cert considered invalid when intermediate is expired
From: |
Alfredo Pironti |
Subject: |
Re: cert considered invalid when intermediate is expired |
Date: |
Sun, 28 Oct 2012 12:55:35 +0100 |
>
> Does that imply that a CA that signs a cert that is supposed to be
> valid for 2yrs using an intermediate cert that is valid for 20 months
> essentially makes a cert for 20 months only because for the remaining
> 4 months the cert will be invalid?
I'd say yes, as much as a revoked trusted certificate makes all issued
certificates instantly invalid. Your case looks sort of corner, but I
believe the same verification rule should apply. A wise CA would
refresh their certificate before such a race condition occurs.
Alfredo