Posted by David Cross [MS] on July 11, 2005, 8:32 am
No, it will not have any effect.
--
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Top Whitepapers:
Auto-enrollment whitepaper:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/autoenro.mspx
Best Practices for implementing Windows Server 2003 PKI:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws3pkibp.mspx
Troubleshooting Certificate Status and Revocation whitepaper:
http://www.microsoft.com/technet/security/topics/crypto/tshtcrl.mspx
Windows Server 2003 web enrollment and troubleshooting guide:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/webenroll.mspx
> David,
>
> Thanks for the response. It was a big help. Let me ask you this... If my
> root CA expires in 5 years (should I extend this?) then when I renew that
> CA Cert, will it affect the decryption of the old material?
>
>
> "David Cross [MS]" wrote:
>
>> Decryption is always allowed for expired certs; they just won't be able
>> to perform new encryption without enrollment for a new valid cert.
>>
>> --
>> David B. Cross [MS]
>> --
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>> > Ok I have been trying to figure out the PKI this for a while. What
>> > concerns me is the expiration of the user's certificates. After the
>> > year is up (We are running 03 standard), will that user be able to
>> > access data from the previous year? Do I need to create a new cert for
>> > that user and keep the old one on his system as well? If I can get away
>> > with simply backing up the old certs and keeping them on the user's
>> > system for access to archived documents, then what happens when the
>> > CA's cert expires? Any help in getting over this mental barrier would
>> > be great. Thanks
>>
>>
>>
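
For the question above about keeping old certificates on the user's system, an added example that is not part of the original thread: a PowerShell function, under the hypothetical name `Get-ExpiredDecryptionCert`, that lists expired certificates in the current user's store whose key usage permits encryption and reports whether the private key needed to decrypt older data is still present. It assumes a Windows system with PowerShell and the built-in `Cert:` drive.

```powershell
# Added example; the function name and default store path are assumptions.
function Get-ExpiredDecryptionCert {
    param(
        [string]$StorePath = 'Cert:\CurrentUser\My'
    )

    $now = Get-Date
    $kuType = [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension]
    $flags  = [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]
    # Key usages that mark a certificate as usable for encryption.
    $encMask = [int]$flags::KeyEncipherment -bor [int]$flags::DataEncipherment

    Get-ChildItem -Path $StorePath |
        Where-Object { $_.NotAfter -lt $now } |
        ForEach-Object {
            $ku = $_.Extensions |
                Where-Object { $_ -is $kuType } |
                Select-Object -First 1

            # A certificate without a key usage extension is not restricted,
            # so treat it as a possible encryption certificate.
            $encryptionCapable = (-not $ku) -or
                (([int]$ku.KeyUsages -band $encMask) -ne 0)

            if ($encryptionCapable) {
                [pscustomobject]@{
                    Subject       = $_.Subject
                    Thumbprint    = $_.Thumbprint
                    NotAfter      = $_.NotAfter
                    # False means data encrypted to this certificate cannot
                    # be decrypted on this machine until the key is restored.
                    HasPrivateKey = $_.HasPrivateKey
                }
            }
        }
}

Get-ExpiredDecryptionCert | Sort-Object NotAfter | Format-Table -AutoSize
```

Rows with `HasPrivateKey` set to `False` are the ones to follow up on: the certificate is listed, but the key that decrypts the older data has to come from a backup.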