undefined | Better HN

0 pointslondons_explore1y ago0 comments

I think there is a strong argument to simply not checking certificate expiry dates in embedded hardware.

Just keep using the expired certificate forever.

Sure - that means if someone leaks the private key that everyone worldwide needs to do a firmware update to get security.

But that's probably less user harm than everyone worldwide needing to do a firmware update to replace an expired cert, and having a dead device otherwise.

0 comments

bobdvb1y ago

1) You can't pass a PCI-DSS audit if you have expired certificates. 2) You can't always tell the CDN providers what to do with certs. 3) We've seen examples of new root certificates that mean devices don't know about things like LetsEncrypt

account421y ago

At the very least the user should be able to override the failing certificate check. So much "security" cargo culting is intentionally planned failure.

bobdvb1y ago

99% of consumers don't understand what that means and if we normalise the average consumer bypassing certificate checks that's definitely a bad thing.

j / k navigate · click thread line to collapse

0 pointslondons_explore1y ago0 comments

I think there is a strong argument to simply not checking certificate expiry dates in embedded hardware.

Just keep using the expired certificate forever.

Sure - that means if someone leaks the private key that everyone worldwide needs to do a firmware update to get security.

But that's probably less user harm than everyone worldwide needing to do a firmware update to replace an expired cert, and having a dead device otherwise.

0 comments

bobdvb1y ago

account421y ago

At the very least the user should be able to override the failing certificate check. So much "security" cargo culting is intentionally planned failure.

bobdvb1y ago

99% of consumers don't understand what that means and if we normalise the average consumer bypassing certificate checks that's definitely a bad thing.

j / k navigate · click thread line to collapse