Re: New Blog Post on 398-Day Certificate Lifetimes

Hi Christian, I think your concern is about how our code will enforce this. Because our policy only applies to roots that are built in, our intent is to have our code apply this restriction only to certificates that chain up to built-in roots. Thanks, Ben On Mon, Jul 13, 2020 at 10:37 PM

Re: SECURITY RELEVANT FOR CAs: The curious case of the Dangerous Delegated Responder Cert

2020-07-13 13:39 GMT-04:00 Chema Lopez via dev-security-policy : > From my point of view, the arguments at > https://www.mail-archive.com/dev-security-policy@lists.mozilla.org/msg13642.html > are > as incontestable as the ones stated by Corey Bonnell here: >