Well an ssl cert that just expired is still encrypting data in flight. Most ever... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mitchty on June 18, 2013 \| parent \| context \| favorite \| on: Evidence that the NSA Is Storing Voice Content, No... Well an ssl cert that just expired is still encrypting data in flight. Most everyone that has dealt with security knows that people sometimes miss renewing the certs. Expired cert doesn't mean the site is now malicious.

kaoD on June 19, 2013 [–]

But it means that, if you accepted the insecure certificate, you might've accepted a MITM-crafted certificate.

It doesn't mean that it's malicious, but it doesn't mean it's not.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact