[cabfpub] Concerns regarding Mozilla Root Program/Baseline Requirements

Eddy Nigg (StartCom Ltd.) eddy_nigg at startcom.org
Thu Aug 8 15:57:13 UTC 2013

On 08/08/2013 05:48 PM, From kirk_hall at trendmicro.com:
> Can you provide an example of "an extension of my argument," some action by a CA that is rekeying an existing BR, that could lead to serious problems?  What kind of pre-BR cert, if rekeyed (reissued) by the CA for the same expiration date, will cause some new problem?  I can't think of any.

Conveniently you ignore the fact that there isn't such a thing "rekey" 
or "reissue" - the BR has definitions for how long you can rely on 
previous validated data (way too long anyway, but that's beside the 
point) and what you must do every time you issue a certificate.

Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130808/c5e506b3/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130808/c5e506b3/attachment-0001.p7s>

More information about the Public mailing list