[cabfpub] Concerns regarding Mozilla Root Program/BaselineRequirements

i-barreira at izenpe.net i-barreira at izenpe.net
Thu Aug 8 10:12:37 UTC 2013

Totally true.



Iñigo Barreira
Responsable del Área técnica
i-barreira at izenpe.net




ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!
ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.


De: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] En nombre de Eddy Nigg (StartCom Ltd.)
Enviado el: martes, 06 de agosto de 2013 18:42
Para: public at cabforum.org >> "public at cabforum.org"
Asunto: Re: [cabfpub] Concerns regarding Mozilla Root Program/BaselineRequirements


On 08/03/2013 12:28 AM, From kirk_hall at trendmicro.com: 

We also agree.  We were part of all BR discussions, and the effect of rekeying was never discussed.

There is no such a thing, it simply doesn't exist! There is only a certificate that is either valid, expired or revoked and every time a certificate is issued it's a NEW certificate. It has a new serial number and signature hash...and it may have similar properties as another certificate but it will never be the same certificate. Every time a CA issues a certificate it's a NEW certificate no matter what.

And in this respect it must always comply to the relevant requirements and standards. The word "rekeying" is something CAs invented but it doesn't really exist - there is no certificate like the other and if there was we'd have far bigger problems now.




Eddy Nigg, COO/CTO


StartCom Ltd. <http://www.startcom.org> 


startcom at startcom.org


Join the Revolution! <http://blog.startcom.org> 


Follow Me <http://twitter.com/eddy_nigg> 



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130808/2003f1a0/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 19121 bytes
Desc: image001.png
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130808/2003f1a0/attachment-0003.png>

More information about the Public mailing list