[cabfpub] Draft Ballot 185 - Limiting the Lifetime of Certificates
sleevi at google.com
Thu Feb 2 22:23:05 UTC 2017
On Thu, Feb 2, 2017 at 7:52 AM, Steve Medin <Steve_Medin at symantec.com>
> If it’s incredibly difficult, how is this a discussion for an industry
> forum rather than a stated policy technically enforced by the parties who
> see certificates valid longer than 13 months as a threat to their user base?
Mostly it's an opportunity for CAs to share reasons and actionable data
about why this would be unreasonable.
As a representative of a CA responsible for considerable misissuance, I
would have thought you'd be supportive of efforts to improve security by
reducing the risk and damage caused by rogue employees, rogue RAs, and
whatever rogue elements might cause future misissuance.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public