[cabfpub] [cabfquest] Question about reissuance regulations

Eddy Nigg eddy_nigg at startcom.org
Mon Jan 5 15:23:54 MST 2015


On 01/05/2015 09:26 PM, Jeremy Rowley wrote:
>
> Hi Davis,
>
> There aren't requirements that a CA re-perform domain validation upon 
> reissuance. Section 11.3 of the BRs permit a CA to reuse documentation 
> for up to 39 months from the date it is collected.
>

If that's true it would be a serious flaw in the BR. Mustn't a domain be 
re-validated at least after max 13 month? Personally I would expect any 
reasonable CA to revalidate more frequently anyway.

Also the web trust audit has requirements for identifying certificate 
requests and its authorization, not sure where the BR stands on this 
(without reading the whole thing again).

-- 
Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20150106/ecdae2b0/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20150106/ecdae2b0/attachment.bin 


More information about the Public mailing list