IdP Certificate Validity checking

Cantor, Scott cantor.2 at
Thu Dec 3 15:56:18 UTC 2020

> I'll feed this back but also point out that other IdP implementations may behave
> differently.


The vast majority will not accept expired.

The only reason I can continue to rail about that stupidity is that most of them *not only* require them to be valid but also require they get manually updated when they change so what you have there is the worst of both worlds. All the downside, no upside.

-- Scott

More information about the users mailing list