golemfactory / golem-certificate

GNU Lesser General Public License v3.0
0 stars 1 forks source link

It is possible to sign expired cert and use it as an issuer #23

Open pwalski opened 1 year ago

pwalski commented 1 year ago

What: Add suitable warnings when using expired certificates in scenarios like below.

Problems:

pwalski commented 1 year ago

It is good that library verification method rejects not expired cert signed by expired cert, but it means rejection will happen on Provider side during Negotiation, not on the side of author of an application with Audited Payload the moment they will try to sign it using invalid certificate.