[cabfpub] Age of certificate data
Eddy Nigg
eddy_nigg at startcom.org
Fri Jul 31 01:35:47 MST 2015
On 07/30/2015 08:12 PM, Doug Beattie wrote:
> It appears that you can only re-use Certificate Data in support of
> Routine Re-key requests now, is that true? I could imagine some CAs
> wanting to validate a domain once and let the enterprise re-use that
> data for the time specified in support of issuing new certificates.
>
Even though I can see a particular situation for certain enterprise use
(lets say an intermediate CA or similar product), considering relying on
a domain control validation for 39 month sounds to me pretty dangerous
and nuts. If that was the original intention I believe this should be
changed.
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20150731/4d5df158/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20150731/4d5df158/attachment.bin
More information about the Public
mailing list