On 07/17/2010 11:23 AM, Dan Kaminsky wrote: > -- but imagine if drives *intentionally* committed suicide one day > after warranty expire. People would go nuts! > > Somehow, this is all OK in X.509.
The usual logic given for this and other types of mandatory password expiration schemes is that it limits the time of exposure when the credentials are compromised. These days this reasoning makes less sense when the attacker might only need to use his unauthorized access for 50ms or so to install a persistent backdoor. Still, unless you really expect people to trust a certificate that's been sitting on some web server for 10 years, there's going to have to be some kind of expiration. Drivers licenses, (as Pavel said) passports, most kinds of real-world credentials expire. In the computer field we deal with 10+ orders of magnitude on the time axis (10 years vs 100 ms) so normal policies don't scale well. So we question what seems perfectly reasonable to ordinary people and they figure we've just lost our common sense. Operationally, it just shouldn't be that big a deal to schedule a maintenance every few years. Like expiring domain registrations, the hardest part is simply to not lose track of it. The Accounting dept in an organization can sometimes help to not forget that stuff. - Marsh _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
