zlacker

1. ramsha+(OP)[view] [source] 2022-03-05 11:31:56
This would be revoked soon enough right?
replies(3): >>encryp+O9 >>h2odra+T9 >>cesarb+se
2. encryp+O9[view] [source] 2022-03-05 12:59:20
>>ramsha+(OP)
Probably not, as revoking would likely break NVIDIA drivers.
replies(2): >>willis+jc >>native+EM
3. h2odra+T9[view] [source] 2022-03-05 12:59:59
>>ramsha+(OP)
> Code signed with this cert will, in the right conditions, be accepted by Windows even though the certificate has expired.

The right conditions: https://twitter.com/BillDemirkapi/status/1499735326406938625

4. willis+jc[view] [source] [discussion] 2022-03-05 13:20:39
>>encryp+O9
Oh well. They should be revoked ASAP anyway. Old releases can be re-signed then re-downloaded.

Any situation where certs cannot be revoked for any reason is bad.

replies(1): >>encryp+OC
5. cesarb+se[view] [source] 2022-03-05 13:36:46
>>ramsha+(OP)
Probably not. It's an expired certificate, and AFAIK, expired certificates are removed from certificate revocation lists.
6. encryp+OC[view] [source] [discussion] 2022-03-05 16:38:03
>>willis+jc
The problem is re-downloading. I think this will take some time.
7. native+EM[view] [source] [discussion] 2022-03-05 17:25:43
>>encryp+O9
Very unlikely NVIDIA have been signing with an expired cert for 5 years.

The real reason this is problematic is that Windows kernel driver signing wasn't complete before 2015. For signing (of anything) to be robust, it must be paired with a timestamping server. The signature then has these components:

1. The signature itself.

2. The certificate.

3. A data structure containing a hash of the signature, and a timestamp, signed by a timestamping authority.

The purpose of (3) is to prove when the signature was computed, which in turn means that signatures can live longer than the certificates themselves. Note that normal Windows (and Apple) code signing for user space has gotten this right for a long time. Apparently Windows didn't in kernel mode until 7 years ago.

Introducing timestamping isn't all that easy. If you stop accepting signatures because the underlying certificate expired, then you just put a time bomb in everyone's computers. So Microsoft had to allow the usage of expired certs and hope they'd never leak. They (eventually) lost that bet and the cert will now be revoked, but it won't have been used for many years so probably the overall damage is small.
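
Added example, not part of the comment above and not Windows' actual policy code: a model of how component (3) changes the time-validity decision a verifier makes. It assumes the code signature itself has already been verified; HMAC stands in for the timestamping authority's public-key signature, and all names, keys and dates are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Constructed demo key. A real timestamping authority signs with a private
# key; HMAC stands in here so the example runs on the standard library alone.
TSA_KEY = b"constructed-demo-tsa-key"

@dataclass
class Cert:                      # component (2), validity window only
    not_before: datetime
    not_after: datetime

@dataclass
class TimestampToken:            # component (3)
    sig_hash: bytes              # hash of the code signature, component (1)
    time: datetime               # when the authority saw that signature
    tsa_mac: bytes               # authority's "signature" over both fields

def _tsa_mac(sig_hash: bytes, when: datetime) -> bytes:
    msg = sig_hash + when.isoformat().encode()
    return hmac.new(TSA_KEY, msg, hashlib.sha256).digest()

def tsa_issue(signature: bytes, when: datetime) -> TimestampToken:
    sig_hash = hashlib.sha256(signature).digest()
    return TimestampToken(sig_hash, when, _tsa_mac(sig_hash, when))

def check_signing_time(signature: bytes, cert: Cert,
                       token: Optional[TimestampToken], now: datetime):
    """Return (accepted, reason) for the time-validity part of verification."""
    if token is None:
        # Nothing proves when the signature was made: judge the cert today.
        return cert.not_before <= now <= cert.not_after, "judged at verification time"
    if not hmac.compare_digest(token.tsa_mac, _tsa_mac(token.sig_hash, token.time)):
        return False, "timestamp token not authentic"
    if not hmac.compare_digest(token.sig_hash, hashlib.sha256(signature).digest()):
        return False, "timestamp token covers a different signature"
    # Proven signing time: the cert only had to be valid at that moment.
    return cert.not_before <= token.time <= cert.not_after, "judged at signing time"

# Constructed sample data.
UTC = timezone.utc
CERT = Cert(datetime(2012, 1, 1, tzinfo=UTC), datetime(2014, 1, 1, tzinfo=UTC))
NOW = datetime(2022, 3, 5, tzinfo=UTC)
SIG = b"constructed-signature-bytes"
```

With a token, a signature made inside the certificate's validity window stays acceptable after expiry, while one timestamped after expiry is rejected; without a token the verifier can only compare the certificate against the current time.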
