On 05/02/17 21:45, Peter Bowen via Public wrote:
Kirk,
It actually started when I got complaints that the calculation I used in
cablint was wrong.
FYI, here's where I "complained" to Peter:
https://github.com/awslabs/certlint/issues/27
The rule in cablint is that April 18, 2017 to April 19, 2018 is longer than 12
months. But people complained for 27 or 39 months that I should count from the
end of the month — e.g. April 30, 2016 to July 31, 2019 should be 39 months.
We have seen browsers start to enforce these durations at connection time. I
want to ensure that there is a common definition of the rules so I don’t end up
issuing a certificate that I think is valid but someone else says is not, which
then results in my customer having a really bad time.
I agree with Peter that it would make much more sense to define maximum
validity periods in terms of numbers of days, not numbers of months.
<snip>
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
