[cabfpub] SHA-1 exception request
Ryan Sleevi
sleevi at google.com
Tue Oct 18 23:40:20 UTC 2016
On Tue, Oct 18, 2016 at 4:37 PM, Gervase Markham <gerv at mozilla.org> wrote:
> On 18/10/16 16:35, Ryan Sleevi wrote:
> > On Tue, Oct 18, 2016 at 4:34 PM, Dean Coclin via Public
> > <public at cabforum.org <mailto:public at cabforum.org>> wrote:
> >
> > While I'm not the technical expert here, assuming we could, wouldn't
> > they
> > then need to undergo the 10 day eval period?
> >
> > Yes
>
> And wouldn't that push the date past the expiry date of their existing
> certs?
>
Unfortunately, potentially so. But I don't think it would be appropriate to
be granting even further exceptions to an inability to follow a policy
announced months ago, for the same moral hazard reason of allowing
exceptions beyond Dec 31, 2016, when it's spelled out at
https://github.com/awhalley/docs-for-comment/blob/master/SHA1RequestProcedure.MD#existing-certificate-information
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20161018/ac841b7d/attachment-0003.html>
More information about the Public
mailing list