LATEST CHATTY HEADER
Subscribe to Shacknews Mercury starting at $1/month!
Chrome Shack Community Guidelines Chatty Search
Scroll down to join the conversation.
New to Shacknews? Signup for a Free Account
Already have an account? Login Now
Subscribe to Shacknews Mercury starting at $1/month!
Chrome Shack Community Guidelines Chatty Search
Scroll down to join the conversation.
https://www.thawte.com/ssl-digital-certificates/technical-support/code/msauth.html#expires
I got worried this problem would affect a bunch of stuff and then wondered why Gears of War was the first problem I had heard of... Then I set my clock forward and found stuff signed by now-expired certs was still considered signed, and looked into what the deal was.
On my Vista machine there's a good example. Go to system32 and bring up the comctl32.ocx signature information. It was signed with a cert that expired in 2001 but the signature is still OK because it was also countersigned by VeriSign Time Stamping Service in 2000.
So digital signatures are NOT a DRM timebomb unless they're done incorrectly.
Thread Truncated. Click to see all 5 replies.
Heh, I was thinking, shit, we're going to have to keep old versions of our binaries around forever so that we can re-sign them every few years and then deal with the flack from people who were forced to download updates to get things working again.
The post has been reported. Thank you!
You must be logged in to post.
You must be logged in to post.