Re: Clarification about Ballot 193 and validity of a certificate issued on March 1st

> Yeah, I completely get how that would happen. I would just think this is a good learning opportunity to protect against ambiguously written text by giving a day's buffer. I absolutely agree Eric, and this is the primary reason I'm sharing this issue here. I am playing the role of a CA and

Re: Clarification about Ballot 193 and validity of a certificate issued on March 1st

On Sun, Apr 22, 2018 at 5:01 PM, Rob Stradling wrote: > On 22/04/18 21:04, Eric Mill via dev-security-policy wrote: > >> On Fri, Apr 20, 2018 at 9:30 AM, Tim Shirley via dev-security-policy < >> dev-security-policy@lists.mozilla.org> wrote: >> >> First of all, it's important

Re: Clarification about Ballot 193 and validity of a certificate issued on March 1st

On 22/04/18 21:04, Eric Mill via dev-security-policy wrote: On Fri, Apr 20, 2018 at 9:30 AM, Tim Shirley via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: First of all, it's important to distinguish between the BR r But even if you accept my premise there, then you have

Re: Clarification about Ballot 193 and validity of a certificate issued on March 1st

On Fri, Apr 20, 2018 at 9:30 AM, Tim Shirley via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > First of all, it's important to distinguish between the BR r > But even if you accept my premise there, then you have to ask "in what > timezone?" March 1 00:00:00 2018 GMT in

Re: Clarification about Ballot 193 and validity of a certificate issued on March 1st

On Fri, Apr 20, 2018 at 01:30:49PM +, Tim Shirley via dev-security-policy wrote: > This is why I'm not a fan of such precise enforcements of date-related > compliance. There are a lot of different ways to interpret dates/times, > but none of the readings materially change the net effect of

Re: Clarification about Ballot 193 and validity of a certificate issued on March 1st

On Friday, April 20, 2018 at 9:31:32 AM UTC-4, Tim Shirley wrote: > First of all, it's important to distinguish between the BR requirement, which > is defined in terms of certificate *issuance* dates, and the value in the > "Not Before" field. I'm guessing the "Not Before" value in this

Re: Clarification about Ballot 193 and validity of a certificate issued on March 1st

On 20/04/18 14:30, Tim Shirley via dev-security-policy wrote: First of all, it's important to distinguish between the BR requirement, which is defined in terms of certificate *issuance* dates, and the value in the "Not Before" field. I'm guessing the "Not Before" value in this certificate is

Re: Clarification about Ballot 193 and validity of a certificate issued on March 1st

First of all, it's important to distinguish between the BR requirement, which is defined in terms of certificate *issuance* dates, and the value in the "Not Before" field. I'm guessing the "Not Before" value in this certificate is not the actual issuance timestamp, since it's unlikely it was

Clarification about Ballot 193 and validity of a certificate issued on March 1st

Hello, I'm investigating an issue on behalf of a customer. Our customer requested a multi-year certificate that was issued on March 1st by Comodo. Here's the certificate: https://crt.sh/?id=354042595 Validity Not Before: Mar 1 00:00:00 2018 GMT Not After : May