[cabfpub] Durations

[Rob Stradling]

On 05/02/17 21:45, Peter Bowen via Public wrote:
> Kirk,
>
> It actually started when I got complaints that the calculation I used in cablint was wrong.

FYI, here's where I "complained" to Peter:

https://github.com/awslabs/certlint/issues/27

> The rule in cablint is that April 18, 2017 to April 19, 2018 is longer than 12 months.  But people complained for 27 or 39 months that I should count from the end of the month — e.g. April 30, 2016 to July 31, 2019 should be 39 months.
>
> We have seen browsers start to enforce these durations at connection time.  I want to ensure that there is a common definition of the rules so I don’t end up issuing a certificate that I think is valid but someone else says is not, which then results in my customer having a really bad time.

I agree with Peter that it would make much more sense to define maximum 
validity periods in terms of numbers of days, not numbers of months.

<snip>

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online