Re: Certificate Expiry

2012/1/25 Mischa Tuffield <mischa@mmt.me.uk>:
> Hello,
>
> After Melvin pointed me at his/a calendar APP (very cool btw) [1], I noticed that I managed to authenticate with my WebID[2] even though my cert had expired on 2012-01-17, am guessing this is not a feature and it shouldn't be the case.
>
> I have tested this expired cert on the following services, which I found on the WebID Test Suite[3]:

Isn't it the role of the TLS stack to make this verification ?

> https://auth.fcns.eu/auth/index.php?verbose=on (Failed to notice that my cert was expired)
> https://id.myopenlink.net/webid_demo.html?webid=http%3A%2F%2Fmmt.me.uk%2Ffoaf.rdf%23mischa (Failed to notice that my cert was expired)
> https://foafssl.org/test/WebId (This service noticed that my cert was expired)
> https://resourceme.bergnet.org/test.php (My browser didn't even ask me for a cert in this case)
> https://webid.turnguard.com:8443/WebIDTestServer/onlywithcert (This service noticed that my cert was expired)
>
> I just thought I would say :)
>
> Great work everyone,
>
> Mischa *needs to generate a new cert I guess $todoList++.
>
> [1] http://calendar.data.fm/
> [2] http://mmt.me.uk/foaf.rdf#mischa
> [3] http://www.w3.org/2005/Incubator/webid/wiki/Test_Suite#Some_WebID_Verification_Sites
> _____________________________
> Mischa Tuffield PhD
> http://mmt.me.uk/
> http://mmt.me.uk/foaf.rdf#mischa
>
>
> -----BEGIN PGP SIGNATURE-----
>
> iQIcBAEBAgAGBQJPICFzAAoJEJ7QsE5R8vfvIR0QALVjKBoU8+WheQJyQ+bAG7et
> uHfzUJVZ78ZqEGaoUyLmvR3Lwp+oGMYYe4IGE5XFi5SgEejdALNAKCWw6Rlckp4G
> yoaM2nMix8dSRuhOcdzwI5TQFHyDf7hcvWKcF+WQaDwv74YlhdW+90OMIbf34HPI
> F0x+xHwPllU5/wK+I9Wz7c8nADZd8dNLUd+Maw1ZLFmso/fAb0wLsxRFU6lZ/Zeu
> XF1bBcrJfeJth52PNclYYdP+VR9szNSYOsLBwJvOXb3nhwJEEN+txeKn4iafo7ai
> yiDwBIO5rTtv7oPC3P31PVqj/cYcZE2oiwpnPLt4Q1mJuDdfNAvsSj2O+Crf1Bpe
> wm90JXJqJ+JiScuI8DNBmWaObvtNssOLNz1sYfxKBXNkuSAKnWUyUx4yermpDSZC
> muWa6svB00GA+IEKMqb8Ko3rRZNxTGs4cgHIP2S+5s7a3oed6y/rshXzNDATe8ST
> Z65McgOsJJ+jhYhtvsRUFkLcrTqLonn+KOThSanx82NFms/yQzrotOtaj6KJy0Gk
> HF3QCIwFy1vDL2QLcUSXAUfGSBgWO3DwxkTmoEWmZGG2C5+F8WWbj/y8L6k6OkLS
> sSJDq9jOGEbanhv6UkbLatPq5gOwIm7kGNjI+g6aTZcaXZURmLxe2gM0Y+PC4fGJ
> sUgBwyP2MCEVLBNQpgaC
> =bXGS
> -----END PGP SIGNATURE-----
>

Received on Wednesday, 25 January 2012 16:13:03 UTC