[cabfpub] SHA-1 changes and certificate lifetimes
Wayne Thayer
wthayer at godaddy.com
Wed Nov 13 19:30:55 UTC 2013
Hi Gerv,
On 13/11/13 10:59, Gervase Markham wrote:
>> I'm a bit surprised by this and don't see the relationship between
>> this proposal and the new SHA-2 requirements. It is a fact that most
>> all certs will have to be replaced in the next 3 years, but why does
>> that imply that they need to be replaced with stronger certs that also
>> expire in no more than 3 years?
>
>It is already the CAB Forum's stated intention to move the maximum issuance lifetime to 39 months. However, due to (if I remember correctly) concerns about outstanding legacy certs, and that some CAs might be unduly penalised as they were greater users of longer-life certs than others, it was not thought possible to make such a change immediately. So, some time ago, we set the date as April 2015.
>
>Now, however, there is no unlevel playing field or outstanding long-lived legacy base because all (or almost all) existing certs now have an effective lifetime of just over 3 years. So it seems a good opportunity to move the already-agreed deadline to match the /de facto/ deadline.
There will still be the same "long-lived legacy base" of certificates until they are replaced with SHA-2 sometime between now and Jan 1, 2017. This proposal doesn't force these to be replaced with shorter duration certificates.
I still don't understand how this proposal is connected to the new SHA-2 rules. Maybe the concern is that CAs will "upsell" customers to a new cert when replacing their existing SHA-1 certs, thus inflating the number of 4 & 5 year certs issued over the next year?
>
>> In addition, reducing the allowed lifetime actually makes it harder to
>> transition longer duration certs to SHA-2. If a CA issues a 5 year
>> SHA-1 cert today and then can't reissue it with SHA-2 for the full
>> term starting on Jan 1, then perhaps the least bad choice is to wait
>> until the remaining lifetime of the cert is less than 39 months.
>
>That would be an entirely reasonable thing to do.
It seems to me that a more reasonable thing would be to start transitioning customers with these certs to SHA-2 as soon as possible.
>
>> Speaking as a CA that sells 4 & 5 year duration certificates, changing
>> the date to 1/1/2014 doesn't give me nearly enough time to cleanly
>> transition away from the longer durations.
>
>Are all the 4 and 5 year duration certs you are selling at the moment SHA-2, then?
No, not many, but they will be very soon. It's not sensible to issue a cert that will stop working in Windows on Jan 2, 2017 but doesn't expire until 2018.
>
>Gerv
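An added worked example, not part of this thread or any CA's tooling: it applies the "wait until fewer than 39 months remain" strategy discussed above to a constructed certificate inventory, using the Jan 1, 2017 Windows SHA-1 cutoff and the 39-month maximum lifetime as the only inputs. Certificate records are plain dataclasses rather than parsed X.509; the subjects and dates are made up.

```python
import calendar
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Constants taken from the thread: Windows stops accepting SHA-1 certs after Jan 1, 2017,
# and the agreed maximum issuance lifetime is 39 months.
SHA1_SUNSET = date(2017, 1, 1)
MAX_LIFETIME_MONTHS = 39

@dataclass(frozen=True)
class IssuedCert:
    subject: str
    sig_alg: str          # OpenSSL-style name, e.g. "sha1WithRSAEncryption"
    not_before: date
    not_after: date

@dataclass(frozen=True)
class ReissuePlan:
    affected: bool                   # SHA-1 signed and still valid past the sunset
    reissue_on: Optional[date]       # earliest date to reissue as SHA-2
    new_not_after: Optional[date]    # expiry of the 39-month replacement
    covers_original_term: bool       # replacement reaches the original notAfter

def add_months(d: date, months: int) -> date:
    """Shift a date by whole months (negative allowed), clamping the day to the month length."""
    total = d.month - 1 + months
    year, month = d.year + total // 12, total % 12 + 1
    return date(year, month, min(d.day, calendar.monthrange(year, month)[1]))

def plan_reissue(cert: IssuedCert, today: date) -> ReissuePlan:
    """Decide when a SHA-1 cert can be replaced by a 39-month SHA-2 cert without losing term."""
    if not cert.sig_alg.lower().startswith("sha1") or cert.not_after <= SHA1_SUNSET:
        return ReissuePlan(False, None, None, True)
    # Earliest day on which a 39-month SHA-2 replacement still reaches the original notAfter.
    earliest_full_term = max(today, add_months(cert.not_after, -MAX_LIFETIME_MONTHS))
    if earliest_full_term < SHA1_SUNSET:
        return ReissuePlan(True, earliest_full_term, cert.not_after, True)
    # Waiting that long would leave the SHA-1 cert untrusted before it is replaced:
    # reissue before the sunset and accept that the new cert cannot reach the old expiry.
    reissue_on = SHA1_SUNSET - timedelta(days=1)
    return ReissuePlan(True, reissue_on, add_months(reissue_on, MAX_LIFETIME_MONTHS), False)

# Constructed inventory, evaluated as of the date of this message.
TODAY = date(2013, 11, 13)
INVENTORY = [
    IssuedCert("www.example.test", "sha1WithRSAEncryption", date(2013, 11, 13), date(2018, 11, 13)),   # 5-year, issued today
    IssuedCert("mail.example.test", "sha1WithRSAEncryption", date(2012, 10, 1), date(2016, 10, 1)),    # expires before sunset
    IssuedCert("api.example.test", "sha256WithRSAEncryption", date(2013, 11, 13), date(2018, 11, 13)), # already SHA-2
    IssuedCert("shop.example.test", "sha1WithRSAEncryption", date(2015, 9, 1), date(2020, 9, 1)),      # 5-year SHA-1 issued in 2015
]

if __name__ == "__main__":
    for cert in INVENTORY:
        print(cert.subject, plan_reissue(cert, max(TODAY, cert.not_before)))
```

For the 5-year cert issued today the plan is to reissue in August 2015 with no lost term; the 2015-issued 5-year cert cannot wait that long and must be replaced before the sunset with a shorter replacement.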