Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

2021-01-25 Thread Aaron Gable via dev-security-policy
I think that an explicit carve-out for time-scoped CRLs is a very good idea. In the case that this change to the MRSP is adopted, I suspect that LE would scope CRLs by notAfter quite tightly, with perhaps one CRL per 24 or even 6 hours of issuance. We would pick a small interval such that we

Mozilla's Response to Camerfirma's Compliance Issues

2021-01-25 Thread Ben Wilson via dev-security-policy
Dear All, We appreciate your comments and participation in the discussion about the Summary of Camerfirma's Compliance Issues, https://wiki.mozilla.org/CA:Camerfirma_Issues. Mozilla has not yet made a decision about Camerfirma's continuation in our root store. We intend to continue with our

Re: Summary of Camerfirma's Compliance Issues

2021-01-25 Thread Ryan Sleevi via dev-security-policy
(Writing in a Google capacity) I personally want to say thanks to everyone who has contributed to this discussion, who have reviewed or reported past incidents, and who have continued to provide valuable feedback on current incidents. When considering CAs and incidents, we really want to ensure

Re: Summary of Camerfirma's Compliance Issues

2021-01-25 Thread Matthias van de Meent via dev-security-policy
On Sun, 24 Jan 2021 at 20:58, Ramiro Muñoz via dev-security-policy wrote:
> Thanks everyone for your valuable contribution to the discussion. We’ve
> prepared a throughful Remediation Plan that addresses all areas of
> improvement emerged both in this public discussion as well as direct