[cabfpub] Age of certificate data

Eddy Nigg eddy_nigg at startcom.org
Fri Jul 31 08:35:47 UTC 2015


On 07/30/2015 08:12 PM, Doug Beattie wrote:
> It appears that you can only re-use Certificate Data in support of 
> Routine Re-key requests now, is that true?  I could imagine some CAs 
> wanting to validate a domain once and let the enterprise re-use that 
> data for the time specified in support of issuing new certificates.
>

Even though I can see a particular situation for certain enterprise use 
(lets say an intermediate CA or similar product), considering relying on 
a domain control validation for 39 month sounds to me pretty dangerous 
and nuts. If that was the original intention I believe this should be 
changed.

-- 
Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150731/4d5df158/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150731/4d5df158/attachment-0001.p7s>


More information about the Public mailing list