[cabfpub] Posted on behalf of customer

[Peter Bowen]

> On Dec 15, 2016, at 2:26 PM, Ryan Sleevi via Public <public at cabforum.org> wrote:
> 
> 
> 
> On Thu, Dec 15, 2016 at 2:05 PM, Dean Coclin via Public <public at cabforum.org <mailto:public at cabforum.org>> wrote:
> The below was written by FD and I am posting on their behalf:
> 
>  
> 
> When we requested our certificates previously, there was general acknowledgment in the forum that December 31 was the most difficult time for these certificates to expire. Even so, our request was limited so that the certificates were set to expire at this time and others were extended into 2017. The only justification for the difference in treatment was unrelated to the application itself. We believe that the coordinated decision to grant different extension dates was inappropriate for the members of the CA/B Forum who are competing entities acting as a standards setting organization. This individualized decision effectively prevents merchants from reaching one provider over another.
> 
> 
> To be clear: The CA/Browser Forum does not grant exceptions. Individual root stores do. And if a *single* root store disagrees to accept such a change, a CA issuing such a cert does so at their own peril of being removed from that root store for non-compliance with that root store.
> 
> So the suggestion of coordination is both factually and materially incorrect and misleading, based on a misunderstanding of the exception process. 

It is also worth noting that not all root stores are represented in the Forum.  Even of those that are, some have explicitly stated that they don’t want to use a public discussion list as the venue to handle these requests; they want direct contact from the CA.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20161215/74b6fcb8/attachment-0003.html>