Re: Expired Certificate in OEM
Date: Wed, 25 Jun 2008 11:05:05 -0700 (PDT)
On Jun 25, 12:23 am, Frank van Bortel <frank.van.bor..._at_gmail.com> wrote:
> joel garry wrote:
> > But that begs the question, shouldn't we be concerned about
> > certificates that should be valid but aren't? The date is within
> > range, after all.
> Eh... missed the date thing (and don't see after a reread).
Oh, if you actually try it you see the dates the cert is valid. I kind of expected to see some way old date or something.
> But yes, you should check certificates, hell, you
> should become *very* worried *not* seeing a certificate
> But all within perspective - this case is just not one
> of them - this certificate is for encryption only (which
> it should note), not for authentication purposes; that
> would be another matter.
Slashdot has a very interesting discussion of this very issue. Search for "Wall of Sheep" for a good laugh: http://it.slashdot.org/article.pl?no_d2=1&sid=08/06/24/2345223
One could suggest Oracle have an option something like "hey, intranet here, don't do all this stuff," but I guess that would be a bad idea, as most intranets I've seen could strain pasta.
-- @home.com is bogus. Green cards! Getchya green cards here! http://www.signonsandiego.com/uniontrib/20080625/news_1b25lawyers.htmlReceived on Wed Jun 25 2008 - 13:05:05 CDT