[cabfpub] SHA-1 changes and certificate lifetimes

Phillip Hallam-Baker philliph at comodo.com
Wed Nov 13 13:05:12 UTC 2013


On Nov 13, 2013, at 5:26 AM, Gervase Markham <gerv at mozilla.org> wrote:
> 
> 3) I am curious as to whether any CAs are actually needing to take
> advantage of the "continuing issuance exception" in the latter part of
> section 9.4.1. It requires a system that "fails to operate if the
> Validity Period is shorter than 60 months". My gut tells me that there
> must be very few systems like that indeed. Does anyone have information
> to report on this question?

I am pretty sure that we will discover that there are non-browser applications of certs that cause some people to ask for exceptions.




More information about the Public mailing list