Full Disclosure mailing list archives
Re: Expired certificate
From: Marsh Ray <marsh () extendedsubset com>
Date: Sat, 24 Jul 2010 03:12:31 -0500
On 07/23/2010 12:29 PM, Meadow wrote:
If your organization really did have the expiration staggered at every 2 days, then you should take a bunch of servers (grouped by segment/application/whatever makes sense in your environment) and renew all the certs on that group of servers at once, even if they aren’t all quite expired yet.
+1. Yeah there's no good reason to wait until the very last day.
You should also fire your program manager.
Well, more precisely, the guy who was around three years ago. Who is probably you, because you were promoted to be the current guy's boss due to your ability to complete large numbers of tasks on time. So you should fire yourself. Alternatively, since the current team is now blessed with the hard-won wisdom gained from your pioneering mistakes, you should raise their quotas, cut their staff, and take credit for the improved efficiency. Which sounds better to you? Anyone in IT very long knows how common it is for the chickens to actually come home to roost on the same guy that laid 'em.
The savings in labor and down-time would make up for the one-time cost of renewing some certs prematurely.
Still there could be some legitimate cases where it might happen. E.g., a paid hosting situation where the initial signup is self-service, but renewals are covered under some support package. - Marsh _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Expired certificate, (continued)
- Re: Expired certificate Junk Meat (Jul 17)
- Re: Expired certificate Dan Kaminsky (Jul 17)
- Re: Expired certificate Pavel Kankovsky (Jul 18)
- Re: Expired certificate Marsh Ray (Jul 20)
- Re: Expired certificate Dan Kaminsky (Jul 22)
- Re: Expired certificate Marsh Ray (Jul 22)
- Re: Expired certificate Dan Kaminsky (Jul 22)
- Re: Expired certificate Marsh Ray (Jul 22)
- Re: Expired certificate bk (Jul 23)
- Re: Expired certificate Meadow (Jul 23)
- Re: Expired certificate Marsh Ray (Jul 24)
- Re: Expired certificate Pavel Kankovsky (Jul 24)
- Re: Expired certificate Dan Kaminsky (Jul 24)
- Re: Expired certificate Dan Kaminsky (Jul 24)
- Re: Expired certificate Pavel Kankovsky (Jul 25)
- Re: Expired certificate Dan Kaminsky (Jul 25)
- Re: Expired certificate Marsh Ray (Jul 26)