Yes - several CAs issued 60 month+ certs prior to 1.0. In fact, 10 year certs were not especially uncommon. The validity period available depended largely on the CA.
-----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+jeremy.rowley=digicert....@lists.mozilla.org] On Behalf Of Daniel Cater via dev-security-policy Sent: Saturday, March 4, 2017 1:22 PM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Maximum validity of pre-BR certificates On Saturday, 4 March 2017 20:14:09 UTC, Jeremy Rowley wrote: > 1.0 is not the definitive version any more. As of 2015‐04‐01, Section > 6.3.2 prohibits validity periods longer than 39 months. > Thanks for the prompt reply Jeremy. I realise this. My question relates to what the situation was (be it a guideline, policy, or just common practice) prior to version 1.0. The cablint message mentions 120 months and I was wondering where that number came from. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy