Linux and Secure Boot certificate expiration

(lwn.net)

253 points pabs3 | 2 comments | 18 Jul 25 03:53 UTC | HN request time: 0.001s | source

Show context

mkj ◴[18 Jul 25 07:23 UTC] No.44602124[source]▶

It's not just Linux - certificates to sign Windows are also affected in 2026.

https://support.microsoft.com/en-us/topic/windows-secure-boo...

https://techcommunity.microsoft.com/blog/windows-itpro-blog/...

Really it seems like having any expiry date for these certificates is a mistake. The one thing it might protect against is a compromised signing key, but if you have to wait 15 years for a compromised key to stop being valid, it's not very useful!

Don't worry, the replacement MS certs expire in 2038 (a couple of months after the 32-bit unix time rollover).

replies(5): >>44602428 #>>44602690 #>>44602733 #>>44602895 #>>44617707 #

1. littlestymaar ◴[18 Jul 25 08:16 UTC] No.44602428[source]▶

>>44602124 #

Is that really a mistake? Or Microsoft just has no interest to care about computers not working as intended anymore.

It certainly wouldn't be the first evidence of that…

replies(1): >>44602637 #

2. pjmlp ◴[18 Jul 25 09:01 UTC] No.44602637[source]▶

>>44602428 (TP) #

Being cynic, there was the expectation that computers would get replaced before the certification expiration date.

↑