[cabfpub] Question around I&A information caching

Alex Wight (awight) awight at cisco.com
Fri Apr 21 09:14:18 MST 2017


Hi all,
  Please forgive me if this question is a bit naïve and perhaps something I should know already; Am I correct in assuming the following scenario is valid under the current BRs?


1.     Day 1 - CA gathers Identification and Authentication (I&A) information for a particular subscriber

2.     Day 1 - CA issues a certificate valid for 825 days

3.     824 days later - CA issues a new certificate valid for 825 days using the I&A data cached from day 1

4.     …rinse, repeat.

  In short, we can certify ownership of a domain for 1649 days (over 4 and a half years) based on a single I&A verification event performed on Day 1, correct?

Thanks,
-Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170421/0865ffd6/attachment.html>


More information about the Public mailing list