[cabfpub] about EV period for Gov

Fri Nov 21 07:08:55 MST 2014

I do have some concerns about "Let's Encrypt", but despite the unfortunate use of "automatic" in various places on the website, renewal for Let's Encrypt is automated, but not automatic.  Verification is still required.  So the cert period still matters.

-Tim

-----Original Message-----
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Richard Wang
Sent: Friday, November 21, 2014 8:13 AM
To: i-barreira at izenpe.net
Cc: public at cabforum.org
Subject: Re: [cabfpub] about EV period for Gov

In the "Let's Encrypt" time, no one care about the cert period, all are automatically renew.
So my this topic is NOT a topic now.

Regards,

Richard

> On Nov 21, 2014, at 17:19, "i-barreira at izenpe.net" <i-barreira at izenpe.net> wrote:
>
> Basically in Europe (and depending on every national legislation) the vetting procedures are not tied to the lifecicle of the certificate. For example, for QCs, the vetting is every 5 years, but you can issue certs with lower validity periods.
>
>
> Iñigo Barreira
> Responsable del Área técnica
> i-barreira at izenpe.net
> 945067705
>
>
> ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!
> ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.
>
>
> -----Mensaje original-----
> De: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org]
> En nombre de Gervase Markham Enviado el: miércoles, 19 de noviembre de
> 2014 16:54
> Para: kirk_hall at trendmicro.com; CABFPub
> Asunto: Re: [cabfpub] about EV period for Gov
>
>> On 19/11/14 00:23, kirk_hall at trendmicro.com wrote:
>> I’m not taking a position either way, but there are more
>> possibilities if vetting cycles are not necessarily linked to maximum
>> certificate lifespan.
>
> That's an interesting idea.
>
> Are CAs able to give some idea as to the relative weight behind various possible reasons for resistance to a lower maximum limit for certificate lifetime? Some reasons might be:
>
> * Hassle and expense of doing the vetting again
> * Inconvenience for the customer in having to change their cert
> * (Other)
>
> Gerv
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> http://scanmail.trustwave.com/?c=4062&d=nrrv1NdRBKbzYCK_awUHSy7toQb3us
> elYSFBHM7kXQ&s=5&u=https%3a%2f%2fcabforum%2eorg%2fmailman%2flistinfo%2
> fpublic _______________________________________________
> Public mailing list
> Public at cabforum.org
> http://scanmail.trustwave.com/?c=4062&d=nrrv1NdRBKbzYCK_awUHSy7toQb3us
> elYSFBHM7kXQ&s=5&u=https%3a%2f%2fcabforum%2eorg%2fmailman%2flistinfo%2
> fpublic

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.