On Sat, 24 Sep 2016 12:43:55 -0400, Jeffrey Honig said:
> Any system that does not maintain up-to-date certificates is just broken;
> an invitation for security vulnerabilities to be exploited in situations
> where expired or revoked certificates can be exploited. Validating the
> certificate chain should be the default and any other option available
> should come with language that strongly discourages their use. Doing
> anything else would be giving people a false sense of security.

Like having 600+ root CA certificates *isn't* a false sense of security? :)
_______________________________________________
Nmh-workers mailing list
Nmh-workers(_at_)nongnu(_dot_)org
https://lists.nongnu.org/mailman/listinfo/nmh-workers