On Thu, Feb 25, 2021 at 7:55 PM Clint Wilson via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> I think it makes sense to separate out the date for domain validation > expiration from the issuance of server certificates with previously > validated domain names, but agree with Ben that the timeline doesn’t seem > to need to be prolonged. What about something like this: > > 1. Domain name or IP address verifications performed on or after July 1, > 2021 may be reused for a maximum of 398 days. > 2. Server certificates issued on or after September 1, 2021 must have > completed domain name or IP address verification within the preceding 398 > days. > > This effectively stretches the “cliff” out across ~6 months (now through > the end of August), which seems reasonable. > Yeah, that does sound reasonable. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
