[cabfpub] Draft Ballot 185 - Limiting the Lifetime of Certificates
Dean Coclin
Dean_Coclin at symantec.com
Tue Feb 21 13:45:52 MST 2017
Not sure, I will pass on the question to ATT.
From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Ryan Sleevi via Public
Sent: Tuesday, February 21, 2017 3:18 PM
To: Peter Bowen <pzb at amzn.com>
Cc: Ryan Sleevi <sleevi at google.com>; CA/Browser Forum Public Discussion List <public at cabforum.org>
Subject: Re: [cabfpub] Draft Ballot 185 - Limiting the Lifetime of Certificates
Dean,
Can you share whether or not that was the case for AT&T?
On Tue, Feb 21, 2017 at 11:43 AM, Peter Bowen <pzb at amzn.com<mailto:pzb at amzn.com>> wrote:
Many organizations have policies to not re-use keys between certificates. Dropping the validity period therefore effectively drops the key usage period.
On Feb 21, 2017, at 10:54 AM, Ryan Sleevi via Public <public at cabforum.org<mailto:public at cabforum.org>> wrote:
This doesn't seem particularly relevant - I haven't heard any suggestion that this is about ensuring frequent key rotation, as opposed to all the other policies and practices being attested to in conjunction with the keys.
On Tue, Feb 21, 2017 at 10:52 AM, Dean Coclin via Public <public at cabforum.org<mailto:public at cabforum.org>> wrote:
Posting on behalf of AT&T:
AT&T typically looks to NIST for guidance and reference on industry standards, see page 45 of the attached (NIST SP800-57-Pt1R4) document.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170221/0af3603f/attachment-0001.html>
More information about the Public
mailing list