[cabfpub] Draft Ballot 185 - Limiting the Lifetime of Certificates

Ryan Sleevi sleevi at google.com
Sat Feb 4 13:25:24 UTC 2017


On Fri, Feb 3, 2017 at 8:02 PM, Eric Mill <eric at konklone.com> wrote:

> This ballot (to me, anyway) came out of nowhere without any prior
> discussion focused on a potential ballot, and it's a big change from the
> status quo on the CA side, so I can understand why it's caused a strong
> reaction.
>

Just for context, past discussions include

https://cabforum.org/pipermail/public/2016-March/007106.html
https://cabforum.org/2016/02/17/2016-02-17-minutes-of-f2f-meeting-37/
https://cabforum.org/2015/10/07/2015-10-07-face-to-face-meeting-minutes-meeting-36-istanbul/#Certificate-Validity-Periods
https://cabforum.org/2015/06/24/2015-06-24-face-to-face-meeting-35-minutes/
https://cabforum.org/2013/11/21/2013-11-21-minutes/
https://cabforum.org/pipermail/public/2013-November/002479.html

Basically, the Forum's been talking about it for quite some time. The
reactions and responses to Ballot 111 are fairly telling, in that we see
many of the same responses from the same members, three years later, and
nothing has changed.

I realize the proposition of the Ballot itself may be seen as "out of the
blue", but the fact how many incidents in 2017 alone where we've discovered
new misissuance, or we've discovered audit irregularities, provide ample
evidence that the current ecosystem and incentives are not aligned with
security. This is but one step in a positive direction.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170204/a73beb6e/attachment-0003.html>


More information about the Public mailing list