<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
On 08/08/2013 05:48 PM, From <a class="moz-txt-link-abbreviated" href="mailto:kirk_hall@trendmicro.com:">kirk_hall@trendmicro.com:</a>
<blockquote
cite="mid:EF70381B2D29784EA4FC66042BE81EAF73E0AA@SJDCEXMBX03.us.trendnet.org"
type="cite">
<pre wrap="">Can you provide an example of "an extension of my argument," some action by a CA that is rekeying an existing BR, that could lead to serious problems? What kind of pre-BR cert, if rekeyed (reissued) by the CA for the same expiration date, will cause some new problem? I can't think of any.</pre>
</blockquote>
<br>
Conveniently you ignore the fact that there isn't such a thing
"rekey" or "reissue" - the BR has definitions for how long you can
rely on previous validated data (way too long anyway, but that's
beside the point) and what you must do every time you issue a
certificate.<br>
<br>
<br>
<div class="moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, COO/CTO</td>
</tr>
<tr>
<td> </td>
<td><a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>XMPP: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Twitter: </td>
<td><a href="http://twitter.com/eddy_nigg">Follow Me</a></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
</body>
</html>