Expiring Security Certificates

Kenn's
Tech
Notes

20000503: Expiring Security Certificates

May/2000
Tech Note #3

In recent months, a number of people have received warnings regarding "expiring security certificates" in their web browser. Although it looks somewhat alarming, this does not represent a major problem. In the vast majority of cases, the browser affected is Netscape, version 4.05 or earlier. If the computer has sufficient processing power and RAM to support it, simply upgrade to the current version of Netscape. If not, you can still use the old version of the browser. The certificate warning will only occur when accessing secure web pages (https://) and indicates only that the certificate has expired. It does not mean that encryption is not working. It does not mean the site is unsafe.

Security certificates are issued with expiry dates because as technology advances, older technology becomes more vulnerable to brute force hacking by newer faster technology. The people who write the encryption use Moore's Law to estimate how long it will be before the algorithm they are writing will be vulnerable to readily-available technology, and issue the certificate for a shorter, safer lifespan. The technology doesn't stop working when the certificate expires. Certificate expiry is just a warning that you're using old technology.

Netscape has a document which explains this issue in detail. For an even more detailed examination of security certificates, VeriSign has lots of good information at their web site.

DISCLAIMER: This document is intended for the reference of computer support personnel within Winnipeg School Division No. 1. There is no warranty or liability if procedures recommended here have an adverse affect on any systems. Use them at your own risk. Any trademarks mentioned are the property of their owners, none of whom have certified any information provided here. Opinions expressed here are personal only and do not represent the policy of Winnipeg School Division No. 1 or any other organization anywhere.

Got a Tech Note to share? Submissions are most welcome! [Click here.]
To return to the Tech Notes home page, click here.
To download a copy of all the May/2000 Tech Notes in Rich Text Format, click here.

Click here to visit the Information "Super-Cul-De-Sac". This page was updated
2001 June 9

This page hosted by
Get your own Free Homepage
Check out my neighbours here in Silicon Valley Peaks by clicking here.