[cabfpub] about EV period for Gov
Ryan Sleevi
sleevi at google.com
Mon Nov 17 23:45:53 MST 2014
On Nov 17, 2014 8:40 PM, "Richard Wang" <richard at wosign.com> wrote:
>
> Hi all,
>
>
>
> We plan to issue EV SSL certificate to government website to prevent
spoof site that there is a big problem in China.
>
>
>
> But the problem we faced is the too short period that they like to buy 5
years cert. Sure, I know it is not allowed even in OV SSL. Could we move
EV re-vetting for governments to 39 months (3 years + 3 months) because
they are “permanent” and the information doesn’t change very often? This
rule can be for .gov.cn domain only in China, for .gov in USA etc.
>
No.
The limitations of date do not just apply to vetting information, but to
providing an orderly and efficient window for making improvements and
deprecating insecure practices.
The Forum's BRs will soon see certs limited to 39 months, and this truly
represents a generous upper bound. I think an ideal frame would be 15, not
39, months, but 60 is certainly far too long.
>
>
> I checked many USA government sites are using EV SSL like CIA and UK
Companies House.
>
>
>
>
>
>
>
> Best Regards,
>
>
>
> Richard Wang
>
>
> WoSign CA Limited
>
> www.wosign.com<http://www.wosign.com/>
>
> Tel: +86-755-2602-7858
>
>
> ---------------------------------------
> This email is confidential and may be privileged. It may be read, copied
and used only by the intended recipient. If you have received it in error,
please contact the sender immediately by return email. Please then delete
the email and do not disclose its contents to any person. Thank you.
>
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20141117/1ab90059/attachment.html
More information about the Public
mailing list