[cabfpub] Ballot proposal for Issuance Date
Peter Bowen
pzb at amzn.com
Thu Sep 22 16:02:23 MST 2016
I would like to propose a change to cover a current gap in the BRs. Right now there is no clear link from content in the certificate to the date of issuance of the certificate. I would propose the following change to the BR. Note that this intentionally only covers Subscriber (End-entity) certificates, not CA certificates.
What do others think?
Definitions:
(new) Issuance Date: The latest of the notBefore value of a certificate and the time value of any cryptographically signed timestamps included in a certificate
(modified) Validity Period: The period of time measured from the Issuance Date of a Certificate is issued until the Expiry Date of a Certificate.
(new) 7.1.2.3(g) Issuance Date
The Issuance Date of the certificate must be no more than 24 hours from (either before or after) the date when the CA signed the certificate.
Thanks,
Peter
More information about the Public
mailing list