[cabfpub] Ballot 185 (Revised) - Limiting the Lifetime of Certificates

Geoff Keating geoffk at apple.com
Tue Feb 21 11:39:13 MST 2017


> On 21 Feb 2017, at 8:16 am, Ryan Sleevi via Public <public at cabforum.org> wrote:
> 
> 
> 
> On Mon, Feb 20, 2017 at 6:23 PM, Curt Spann via Public <public at cabforum.org <mailto:public at cabforum.org>> wrote:
> Apple votes Abstain.
> 
> Curt
> 
> Curt,
> 
> To the extent you can comment for Apple, can you clarify whether the abstention is related to:
> - Duration of validity (13 months)
> - Time to phase in (6 months)
> - Other?

We discussed this inside Apple, and came to the conclusion that while there was probably a small net benefit, there was uncertainty about the benefits and the costs, especially on the side of increasing costs, and a possibility the costs far outweighed the benefits.  All factors you mention were involved in the conclusion.

We would likely support a reduction to 27 months, with a reasonable phase-in time.  This would significantly reduce the uncertainty in the cost/benefit analysis because it is already in use for EV and because it has had more warning time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170221/8a155e89/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3321 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/public/attachments/20170221/8a155e89/attachment.bin>


More information about the Public mailing list