Reply to post: Enforced updates?

Oculus Rift whiffed, VR fanbois miffed

AS1
Paris Hilton

Enforced updates?

Just spoke with our signing guru, and most signing tools enable time-stamping on a signature by default; this would prevent the signature expiring when the certificate expires. The signature is checked against that point in time, whereas a non-time-stamped signature checks 'now' against the certificate's valid period. (Apologies if something has been lost in transmission.)

So the expiration is from a, by choice, non-time-stamped signature.

Now, why would a company choose for their signed software to expire?

Because even Paris would use the defaults.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon