[cabfpub] [EXT] Re: Ballot 194 – Effective Date of Ballot 193 Provisions
pzb at amzn.com
Mon Apr 3 15:04:19 MST 2017
> On Apr 3, 2017, at 12:59 PM, Ryan Sleevi via Public <public at cabforum.org> wrote:
> On Mon, Apr 3, 2017 at 3:57 PM, Steve Medin <Steve_Medin at symantec.com <mailto:Steve_Medin at symantec.com>> wrote:
> On April 22, nearly one third of the authentication databases of all certificate authorities is invalidated. All data currently held from work done between 825 days and 39 months ago is wiped from use when it could have been consumed until March 1 if 193 was written as Chris seems to have intended.
> But that doesn't matter unless someone applies for a certificate.
> You don't need to reissue all of those certificates. Only ones which are expired and/or need to be reissued.
> This exact same problem would occur on March 1, 2018. Literally everything else in your message still applies, so please help me understand what makes this different at all.
This “exact same problem” will only occur on March 1, 2018 if CAs do not change anything. If they quickly change their customer messaging and systems to day that validations are only good for 825 days starting very soon, then when March 1, 2018 rolls around there will be few (if any) validations that would have been valid under the current rule but are not valid under the new rule.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public