Re: Questions regarding the qualifications and competency of TUVIT

2018-11-14 Thread Wayne Thayer via dev-security-policy
It should come as no big surprise that I have documented this issue as our first auditor compliance bug[1]: https://bugzilla.mozilla.org/show_bug.cgi?id=1507376 I only included a brief summary of this discussion (and a link to it). Others are welcome to comment if you feel that I have omitted

Re: Questions regarding the qualifications and competency of TUVIT

2018-11-14 Thread Jakob Bohm via dev-security-policy
Once again, you snipped most of what I wrote. Also not sure why your post has double reply marking.
On 13/11/2018 18:20, Ryan Sleevi wrote:
>> On Tue, Nov 13, 2018 at 11:26 AM Jakob Bohm via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote:
>>
>>> Furthermore the

Re: CA Communication: Underscores in dNSNames

2018-11-14 Thread Wayne Thayer via dev-security-policy
I agree with Tim on the interpretation and can confirm that my intent was as Tim described. Perhaps the confusion is over the purpose of the <30 day exception. It wasn't to exempt legacy certificates near the end of their lifetime from being revoked. It was to allow subscribers to begin using

Re: CA Communication: Underscores in dNSNames

2018-11-14 Thread Tim Shirley via dev-security-policy
Validity period is a defined term in the BRs and refers to the time between issuance and expiry. Since the new language uses that term without any modifiers like "remaining", it seems clear to me that both of those example certificates would need to be revoked.

Re: CA Communication: Underscores in dNSNames

2018-11-14 Thread Bruce via dev-security-policy
Hi Wayne, I wanted to get some clarification. For example, let's say that a Subscriber has a 1 year certificate which expires on 30 January 2019. On 15 January 2019, the remaining validity period is less than 30 days; as such, I interpret that the certificate does not have to be revoked. On

Re: CA Communication: Underscores in dNSNames

2018-11-14 Thread Wayne Thayer via dev-security-policy
On Wed, Nov 14, 2018 at 9:47 AM Vincent Lynch wrote:
> Was looking for some quick clarification on interpretation of this bit:
>
> *"All certificates containing an underscore character in any dNSName entry and having a validity period of more than 30 days MUST be revoked prior to January 15,

Re: CA Communication: Underscores in dNSNames

2018-11-14 Thread Vincent Lynch via dev-security-policy
Was looking for some quick clarification on interpretation of this bit: *"All certificates containing an underscore character in any dNSName entry and having a validity period of more than 30 days MUST be revoked prior to January 15, 2019."* This language refers to the TOTAL validity period of