[Servercert-wg] Ballot SC22: Reduce Certificate Lifetimes

Tim Hollebeek tim.hollebeek at digicert.com
Mon Aug 19 15:15:49 MST 2019


If my blog posts have the power to massively change perceptions in the way that you’re implying, I’ll take it as a compliment.  It would indicate that people found it extremely perceptive and convincing.

 

Sadly, that is unlikely to be the case.  As evidence, I’ll point out that positions were roughly the same the last time we balloted this issue, not so long ago.

 

-Tim

 

From: Ryan Sleevi <sleevi at google.com> 
Sent: Monday, August 19, 2019 6:03 PM
To: Tim Hollebeek <tim.hollebeek at digicert.com>
Cc: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Subject: Re: [Servercert-wg] Ballot SC22: Reduce Certificate Lifetimes

 

 

 

On Mon, Aug 19, 2019 at 5:35 PM Tim Hollebeek <tim.hollebeek at digicert.com <mailto:tim.hollebeek at digicert.com> > wrote:

DigiCert initiated a customer survey to solicit feedback on the proposed ballot 

to shorten certificate lifetimes (response size = 545). The survey included some 

demographic questions followed by specific inquiries on certificate usage and 

effects the change would have on customers. The results are below. There were 

many comments that accompanied the survey and we are working to include those 

in a follow-up post. We present the numerical results here and are available to 

answer questions that may arise.

 

Hi Tim,

 

Was this part of the same survey that represented the motivation for reduced certificate lifetimes was phishing, and indicated DigiCert's opposition to reduced lifetimes? Specifically, https://resources.digicert.com/blog/new-ca-b-forum-proposal-to-shorten-certificate-lifetimes-will-it-improve-security This was the same post that suggested that it was the CA/Browser Forums' fault when CAs misimplement or refuse to follow the Baseline Requirements, rather than the CA that was actively misissuing. The post importantly suggests that DigiCert sees no (significant) security benefits, so I can understand how it might influence certain opinions.

 

If it was not, could you indicate if that post was before, during, or after the survey had concluded?  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190819/8bedaa4e/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4940 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190819/8bedaa4e/attachment-0001.p7s>


More information about the Servercert-wg mailing list