[cabfpub] Lifecycle of EV certs
Eddy Nigg
eddy_nigg at startcom.org
Thu Mar 19 23:00:25 UTC 2015
On 03/20/2015 12:50 AM, Ryan Sleevi wrote:
> Indeed, I'd argue that the current EV lifetime is one of the few
> things where EV *is* a security improvement over DV/OV and thus
> potentially deserving of it's special UI status.
Can you explain what the security risks would be as you perceive it, if
the lifetime would be increased to three years in particular for EV?
(Btw. I find the 27 and 39 month rather stupid, nothing prevents from
re-validating and issuing a certificate after 24/36 month. It's just
adding another 3 month to something that can done exactly the same after
two/three full years.)
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150320/7e31cb9d/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150320/7e31cb9d/attachment-0001.p7s>
More information about the Public
mailing list