Yes, issuing a six-day cert would have been a violation of our CPS had we not previously changed its phrasing. Before issuing our first short-lived cert, we carefully reviewed our CPS to ensure that the new profile would not violate any of the constraints in that document.
And I'm sure several people in this thread realize that we have done so, given that we publicly announced it back in February ( https://letsencrypt.org/2025/02/20/first-short-lived-cert-issued/). Aaron On Sun, Jun 15, 2025, 07:32 Suchan Seo <tjtn...@gmail.com> wrote: > about vague CSP obscure what a CA really does, Let's Encrypt had signed > some 6 day certificate after editing CSR to less than 100 days. > https://crt.sh/?id=16774666176 > but nobody in this thread realizes that, because nothing on CSR indicates > they'd likely sign something much shorter than that. > P.S Would those 6 day certificate considered misissuance if LE kept 90 > days wording in CSR? > 2025년 6월 15일 일요일 오후 10시 36분 22초 UTC+9에 Mike Shaver님이 작성: > >> On Sun, Jun 15, 2025 at 12:13 AM Jeremy Rowley <rowl...@gmail.com> wrote: >> >>> Given the number of bugs related to CPS errors, >>> >> >> Perhaps you’re in a position to answer this question: how many bugs >> *have* there been in the last few years related to CPS errors, and how many >> certs have been subject to revocation for that reason, pre-Microsoft? >> >> Mike >> >> -- > You received this message because you are subscribed to the Google Groups " > dev-security-policy@mozilla.org" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to dev-security-policy+unsubscr...@mozilla.org. > To view this discussion visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/37c6ba54-7c54-45ce-b82e-c44e68fc37e0n%40mozilla.org > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/37c6ba54-7c54-45ce-b82e-c44e68fc37e0n%40mozilla.org?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAEmnErcfxtX7SNsHeNzKFp4ZycMtwWpaxgfZOjD1nnPJ%3DtN3sw%40mail.gmail.com.
