[Servercert-wg] Fwd: Data Reuse under BR 3.2.2.4.3 (Phone Contact with Domain Contact)
Ryan Sleevi
sleevi at google.com
Tue Apr 21 08:59:37 MST 2020
On Tue, Apr 21, 2020 at 11:49 AM Ben Wilson via Servercert-wg <
servercert-wg at cabforum.org> wrote:
> All,
> Section 3.2.2.4.3 of the BRs says, "CAs SHALL NOT perform validations
> using this method after May 31, 2019. Completed validations using this
> method SHALL continue to be valid for subsequent issuance per the
> applicable certificate data reuse periods." If that is 825 days, then
> would that be until Aug. 20, 2021? If it isn't 825 days, then what should
> it be?
>
I'm not sure I follow. Are you trying to indicate 825 days from the last
possible validation performed? Because it's not that all validations can
continue to be used until Aug 20, 2021, certainly.
Assuming a validation on May 30, 2019 (as an example), then as written,
they could validate a certificate 825 days, and as written in the BRs, that
certificate would be valid for 825 days. Which means not until December 5,
2023 (in this example) would we know for sure that domains validated this
method are not being used. Unless, of course, certificate lifetime is
reduced.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200421/f9742b4d/attachment.html>
More information about the Servercert-wg
mailing list