[Servercert-wg] Ballot SC22: Reduce Certificate Lifetimes

Ryan Sleevi sleevi at google.com
Mon Aug 19 15:02:46 MST 2019


On Mon, Aug 19, 2019 at 5:35 PM Tim Hollebeek <tim.hollebeek at digicert.com>
wrote:

> DigiCert initiated a customer survey to solicit feedback on the proposed
> ballot
>
> to shorten certificate lifetimes (response size = 545). The survey
> included some
>
> demographic questions followed by specific inquiries on certificate usage
> and
>
> effects the change would have on customers. The results are below. There
> were
>
> many comments that accompanied the survey and we are working to include
> those
>
> in a follow-up post. We present the numerical results here and are
> available to
>
> answer questions that may arise.
>

Hi Tim,

Was this part of the same survey that represented the motivation for
reduced certificate lifetimes was phishing, and indicated
DigiCert's opposition to reduced lifetimes? Specifically,
https://resources.digicert.com/blog/new-ca-b-forum-proposal-to-shorten-certificate-lifetimes-will-it-improve-security
This
was the same post that suggested that it was the CA/Browser Forums' fault
when CAs misimplement or refuse to follow the Baseline Requirements, rather
than the CA that was actively misissuing. The post importantly suggests
that DigiCert sees no (significant) security benefits, so I can understand
how it might influence certain opinions.

If it was not, could you indicate if that post was before, during, or after
the survey had concluded?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190819/30c16150/attachment.html>


More information about the Servercert-wg mailing list