[cabfpub] Ballot 173 - Removal of requirement to cease use of private key due to incorrect certificate info

[Gervase Markham]

Hi Rich,

On 22/07/16 18:27, Rich Smith wrote:
> As I believe I stated the last time I brought this up, I chose 6 months
> because I know for a fact that several member CAs plan their dev
> roadmaps out that far because they have stated as much in discussion of
> time tables on various ballots. 

As they told me in my first job, "what is a plan? A basis for change". I
think any CA which decides what development it is going to do 6 months
in advance and has no capacity to react to events is not using a
development paradigm which fits the nature of its industry. Clearly
something that involves major reworkings needs significant lead time,
but most CAB Forum ballots are more at the "tweak" end of the scale -
add this OID here, change this field there, modify this CPS here.

So I think a shorter value should be normal, and a longer one needs to
be argued for on a case-by-case basis. And if a particular CA keeps
finding itself blindsided by 45-day requirements for cert contents
tweaks that it can't meet, it needs to become more agile (small-a or
big-A :-).

Gerv