On 11/12/13 14:31, Kathleen Wilson wrote:
> There are a few cases where customers are asking CAs for more time to
> transition off of their 1024-bit certificates.

What exactly are CAs asking for? Are they asking for permission to continue issuing such certs? Or are they asking for permission to "not revoke" such certs? Are the certs concerned ones which are in environments where the servers using them would be accessed by a consumer web browser?

> According to the Baseline Requirements, 1024-bit Subscriber Certificates
> are supposed to be no longer valid by 31 Dec 2013.

So such CAs would fail a BR audit if one were to take place between 31st Dec 2013 and the time when those certs expire or are revoked?

> Starting a few months ago, CAs began contacting me with their concerns
> about meeting this deadline, and needing a little bit longer for
> customers to complete their transitions.

Are we able to say roughly how many CAs are involved? And of those CAs, how many customers have problems? And for those customers, how many certs are involved?

Gerv