[cabfpub] Sunset for exceptions?

Peter Bowen pzb at amzn.com
Tue Jan 19 19:27:16 UTC 2016

The BRs contain at least two allowances for “legacy” certificate issuance:

6.1.7 (5) allows direct issuance of subscriber certificates from a root CA

6.3.2 allows certificates with validity periods longer than 39 months

Are these still needed?  Are CAs relying upon these exceptions?  If not, does it make sense to ballot to remove these from the BRs?


More information about the Public mailing list