On 02/07/2012 05:52 PM, Erwann ABALEA wrote: > 2012/2/7 Jacob Appelbaum <[email protected]> > [...] > > >>> As was pointed out, this cert was issued in 2010. The CAB Forum has >>> addressed the issuance of SSL certs to non FQDNs in the baseline >>> requirements which were recently adopted. >>> >> >> Is it true that the new requirements won't come into effect until 2016? >> > > Any CA can choose to apply these requirements now. For some of them, it's > easy, since they never produced such certificates. > Such certificates were listed in "Problematic practices" in the Mozilla CA > Policy, but tolerated. Kind of a grey zone. > > The delay until 2016 is a compromise so all implied actors can find a > different solution for their own problems. >
Compromise indeed. All the best, Jacob
