[cabfpub] Lifecycle of EV certs

Eddy Nigg eddy_nigg at startcom.org
Thu Mar 19 16:00:25 MST 2015


On 03/20/2015 12:50 AM, Ryan Sleevi wrote:
> Indeed, I'd argue that the current EV lifetime is one of the few 
> things where EV *is* a security improvement over DV/OV and thus 
> potentially deserving of it's special UI status.

Can you explain what the security risks would be as you perceive it, if 
the lifetime would be increased to three years in particular for EV?

(Btw. I find the 27 and 39 month rather stupid, nothing prevents from 
re-validating and issuing a certificate after 24/36 month. It's just 
adding another 3 month to something that can done exactly the same after 
two/three full years.)

-- 
Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20150320/7e31cb9d/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20150320/7e31cb9d/attachment-0001.bin 


More information about the Public mailing list