about vague CSP obscure what a CA really does, Let's Encrypt had signed some 6 day certificate after editing CSR to less than 100 days. https://crt.sh/?id=16774666176 but nobody in this thread realizes that, because nothing on CSR indicates they'd likely sign something much shorter than that. P.S Would those 6 day certificate considered misissuance if LE kept 90 days wording in CSR? 2025년 6월 15일 일요일 오후 10시 36분 22초 UTC+9에 Mike Shaver님이 작성:
> On Sun, Jun 15, 2025 at 12:13 AM Jeremy Rowley <[email protected]> wrote: > >> Given the number of bugs related to CPS errors, >> > > Perhaps you’re in a position to answer this question: how many bugs *have* > there been in the last few years related to CPS errors, and how many certs > have been subject to revocation for that reason, pre-Microsoft? > > Mike > > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/37c6ba54-7c54-45ce-b82e-c44e68fc37e0n%40mozilla.org.
