On Tue, 28 Feb 2017 04:29:20 -0800 (PST) Itzhak Daniel via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
> I also would like to have an official reply from GlobalSign saying > that "on the date they issue the certificate the domain exists". Note that the BRs do not require a domain to exist when a CA issues a DV/OV certificate for it. The BRs only require that the CA validated the domain at some point in the 39 months prior to issuance. I hope this can be changed, since it doesn't seem right that someone can validate a domain once and still have a valid certificate for it 6.5 years later, even if the domain registration lapsed or changed hands. Regards, Andrew _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy