RE: Maximum validity of pre-BR certificates

Jeremy Rowley via dev-security-policy Sat, 04 Mar 2017 12:25:09 -0800

Yes - several CAs issued 60 month+ certs prior to 1.0. In fact, 10 year certs 
were not especially uncommon. The validity period available depended largely on 
the CA.

-----Original Message-----
From: dev-security-policy 
[mailto:dev-security-policy-bounces+jeremy.rowley=digicert....@lists.mozilla.org]
 On Behalf Of Daniel Cater via dev-security-policy
Sent: Saturday, March 4, 2017 1:22 PM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Maximum validity of pre-BR certificates

On Saturday, 4 March 2017 20:14:09 UTC, Jeremy Rowley  wrote:
> 1.0 is not the definitive version any more.  As of 2015‐04‐01, Section
> 6.3.2 prohibits validity periods longer than 39 months.
> 

Thanks for the prompt reply Jeremy. I realise this. My question relates to what 
the situation was (be it a guideline, policy, or just common practice) prior to 
version 1.0.

The cablint message mentions 120 months and I was wondering where that number 
came from.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

RE: Maximum validity of pre-BR certificates

Reply via email to