On Tue, Aug 9, 2022 at 3:15 PM Eric Rescorla <e...@rtfm.com> wrote: > > > On Mon, Aug 8, 2022 at 10:04 PM Peter Gutmann <pgut...@cs.auckland.ac.nz> > wrote: > >> Hal Murray <halmurray+...@sonic.net> writes: >> >> >Many security schemes get tangled up with time. TLS has time limits on >> >certificates. That presents a chicken-egg problem for NTP when getting >> >started. >> > >> >I'm looking for ideas, data, references, whatever? >> >> For commercial CAs, the expiry time is a billing mechanism, not a security >> mechanism. > > > The CABF BRs only require that revocation entries be maintained during the > lifetime of the certificate. >
I'm struggling to think of a reason the IETF should consider CABF a legitimate standards organization, but go on. not that I know anything about the problem, Rob
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls