[cabfpub] Concerns regarding Mozilla Root Program/Baseline Requirements

Ryan Sleevi sleevi at google.com
Tue Aug 6 11:15:41 MST 2013


On Tue, Aug 6, 2013 at 9:42 AM, Eddy Nigg (StartCom Ltd.) <
eddy_nigg at startcom.org> wrote:

>
> On 08/03/2013 12:28 AM, From kirk_hall at trendmicro.com:
>
> We also agree.  We were part of all BR discussions, and the effect of rekeying was never discussed.
>
>
> There is no such a thing, it simply doesn't exist! There is only a
> certificate that is either valid, expired or revoked and every time a
> certificate is issued it's a NEW certificate. It has a new serial number
> and signature hash...and it may have similar properties as another
> certificate but it will never be the same certificate. Every time a CA
> issues a certificate it's a NEW certificate no matter what.
>
> And in this respect it must always comply to the relevant requirements and
> standards. The word "rekeying" is something CAs invented but it doesn't
> really exist - there is no certificate like the other and if there was we'd
> have far bigger problems now.
>
>
This was certainly our understanding as well.


>
>
>   Regards      Signer:  Eddy Nigg, COO/CTO    StartCom Ltd.<http://www.startcom.org>
> XMPP:  startcom at startcom.org  Blog:  Join the Revolution!<http://blog.startcom.org>
> Twitter:  Follow Me <http://twitter.com/eddy_nigg>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20130806/629eb6e1/attachment.html 


More information about the Public mailing list