[cabfpub] EV Code Signing maximum validity

Eddy Nigg (StartCom Ltd.) eddy_nigg at startcom.org
Fri Apr 12 19:39:01 UTC 2013

On 04/12/2013 10:23 PM, From Rob Stradling:
> Jeremy wrote "The risk with long-term EV Code Signing certs is 
> primarily a loss of the private key, which is why we required a 
> hardware token."
> I have to agree that "loss of the private key" is a significant problem.

There is no reason to deny it and I agree as well - however, were those 
EV validated certificates (or validated to the same level)? In my 
opinion there are a couple of problems for both sides with this 
(hardware token) requirement which hinders adoption as well. Not that we 
wouldn't favor everybody using some hardware token, requiring is a problem.

Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130412/57c2712d/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130412/57c2712d/attachment-0001.p7s>

More information about the Public mailing list