[Cscwg-public] Compliance dates

Tim Hollebeek tim.hollebeek at digicert.com
Mon Jan 31 17:37:50 UTC 2022

Yes, but I thought I’d start here, since we just discussed it on a recent code signing call.  It would be nice if we aligned on a set of dates like these across all groups.


From: Ben Wilson <bwilson at mozilla.com>
Sent: Friday, January 28, 2022 1:10 PM
To: Tim Hollebeek <tim.hollebeek at digicert.com>; cscwg-public at cabforum.org
Subject: Re: [Cscwg-public] Compliance dates

Should this email be sent to a broader group? It seems to apply to server certificates, SMIME, netsec, root programs, etc.

On Fri, Jan 28, 2022 at 7:30 AM Tim Hollebeek via Cscwg-public <cscwg-public at cabforum.org<mailto:cscwg-public at cabforum.org>> wrote:

While people are under no obligation to follow my recommendations, I have been trying to encourage people to move towards a smaller number of compliance deadline dates, instead of various other alternative date selection algorithms that involve calendars and darts.  This would greatly assist everyone including CAs, root programs, and customers in keeping track of what needs to be changed by when.

It turns out that the 15th of odd months might be an idea to work towards.  It avoids the starts and ends of months (which are more likely to have holidays), and it seems to miss most of the problematic time periods like the winter holidays, Chinese new year, etc.

The preferred list would be:

January 15th, March 15th, May 15th, July 15th, September 15th, and November 15th.

None of these dates are ever more than 30 days away from any arbitrary deadline you might choose, so it might make sense to choose the closest one of these instead.

If people have alternative ideas or proposals, feel free, I just wanted to put something out there to start the discussion.

Cscwg-public mailing list
Cscwg-public at cabforum.org<mailto:Cscwg-public at cabforum.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220131/39183fa9/attachment.html>

More information about the Cscwg-public mailing list