[cabfpub] OCSP Stapling and Short-Lived Certificates Proposal

Ryan Hurst ryan.hurst at globalsign.com
Sat Mar 23 17:28:49 UTC 2013

I agree that a shorter validity would be good however. I am concerned about the figures COMODO has shared regarding the pervasive times skews on the Internet.

Ryan Hurst
Chief Technology Officer
GMO Globalsign

twitter: @rmhrisk
email: ryan.hurst at globalsign.com
phone: 206-650-7926

Sent from my phone, please forgive the brevity.

On Mar 23, 2013, at 9:09 AM, "Eddy Nigg (StartCom Ltd.)" <eddy_nigg at startcom.org> wrote:

> On 03/23/2013 06:06 PM, From kirk_hall at trendmicro.com:
>> +1, Eddy.
>> Let’s move on reducing the time for updating CRLs and OCSP responses to respond to Ryan’s point.  That’s the best way to make revocation checking a must.
> Would you mind constructing a proposal along these lines?
> Regards 
> Signer: 	Eddy Nigg, COO/CTO
>  	StartCom Ltd.
> XMPP: 	startcom at startcom.org
> Blog: 	Join the Revolution!
> Twitter: 	Follow Me
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130323/ebe6cf72/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2098 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130323/ebe6cf72/attachment-0001.p7s>

More information about the Public mailing list