4 comments

[ 4.3 ms ] story [ 20.5 ms ] thread
From the issue:

> So, there is in deed certificate issue. If one tries to execute "nuget verify -All <msnuget.nupkg>" there is clear evidence:

Subject Name: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US SHA1 hash: F404000FB11E61F446529981C7059A76C061631E SHA256 hash: 3F9001EA83C560D712C24CF213C3D312CB3BFF51EE89435D3430BD06B5D0EECE Issued by: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US Valid from: 26.02.2018 01:00:00 to 27.01.2021 13:00:00

So MS cert expired today at 13:00

It's weird that Microsoft didn't use any timestamping for the NuGet package. This wouldn't have been a direct issue then.