[cabfpub] Ballot 185 - Next steps
Gervase Markham
gerv at mozilla.org
Fri Feb 24 18:57:32 UTC 2017
On 23/02/17 20:37, Peter Bowen via Public wrote:
> Is this accurate?
Not only is it accurate, it pretty much represents Mozilla's view as
well (if you remove the suggestions of "incompetence, malice, and
apathy”). In the CT Policy discussions, I proposed that every cert have
at least one embedded SCT so we can trust certificate issuance dates.
That didn't seem to be a very popular proposition.
Without that, reducing cert lifetime is the only way to make sure that
security or process improvements become ubiquitious in a reasonable
timeframe.
Gerv
More information about the Public
mailing list