On Mon, Jul 03, 2017 at 12:56:38AM +0000, Emmanuel Dreyfus wrote: > On Mon, Jul 03, 2017 at 12:45:17AM +0200, Joerg Sonnenberger wrote: > > The only problem I see is that outdated timezone data doesn't > > necessarily have a real world impact. Outdated root CAs can. > > Most of the time, outdated things in a system is dangerous. Known > security vulnearbilities accumulate over the time, and outdated > CA are just a bit of that problem. > > Oudated stuff that is not a security hazard, like timezone data, > is rather scarce.
Most outdated stuff is also not as serious a hazard as bad CA keys. -- David A. Holland dholl...@netbsd.org
