MAS extinction: Apple letting a certificate die isn't a security issue, just an embarrassment<article>
<section class="page">
<p>
When you hear the phrase “digital certificate expired,” you probably immediately assume something terrible happened, your security has in some way been impaired, and you need to take action. Fortunately and unfortunately, that’s not what happened yesterday. Rather, Apple failed to renew a critical digital certificate related to the Mac App Store, and some apps couldn’t be launched or failed as a result of OS X being unable to validate them.</p><p>
Digital certificates combine cryptographic information with metadata that can include explicit details, such as the date on which it becomes valid and the date after which it should no longer be accepted. The certificate takes the plainly readable text, including expiration date, and encrypts it in such a way that only a party that possesses the private half of a public-private encryption key pair—a fundamental component of many kinds of Internet validation and session security protocols—could have done so.</p><p class="jumpTag"><a href="/article/3004917/security/mas-extinction-apple-letting-a-certificate-die-isnt-a-security-issue-just-an-embarrassment.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
MAS extinction: Apple letting a certificate die isn't a security issue, just an embarrassment
