Nelson B Bolyard wrote: > But one could imagine that we make use of them, and allow the values of > the CKA_END_DATE to be different from (earlier than) the notAfter date > in the related certificate.
It's good to know that this is technically possible. But actually, I don't see this as a high priority. We have more important things to worry about than people who are still using Firefox 4 in 2020. We can enforce whatever requirements we have on key lengths etc. using policy and cert. removals. We don't need a technical solution. Gerv _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
