[cabfpub] OCSP Stapling and Short-Lived Certificates Proposal
Ryan Hurst
ryan.hurst at globalsign.com
Sat Mar 23 17:28:49 UTC 2013
I agree that a shorter validity would be good however. I am concerned about the figures COMODO has shared regarding the pervasive times skews on the Internet.
Ryan Hurst
Chief Technology Officer
GMO Globalsign
twitter: @rmhrisk
email: ryan.hurst at globalsign.com
phone: 206-650-7926
Sent from my phone, please forgive the brevity.
On Mar 23, 2013, at 9:09 AM, "Eddy Nigg (StartCom Ltd.)" <eddy_nigg at startcom.org> wrote:
>
> On 03/23/2013 06:06 PM, From kirk_hall at trendmicro.com:
>>
>> +1, Eddy.
>>
>> Let’s move on reducing the time for updating CRLs and OCSP responses to respond to Ryan’s point. That’s the best way to make revocation checking a must.
>
> Would you mind constructing a proposal along these lines?
>
>
> Regards
>
> Signer: Eddy Nigg, COO/CTO
> StartCom Ltd.
> XMPP: startcom at startcom.org
> Blog: Join the Revolution!
> Twitter: Follow Me
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130323/ebe6cf72/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2098 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130323/ebe6cf72/attachment-0001.p7s>
More information about the Public
mailing list