[cabfpub] [cabfman] Notes of meeting, CAB Forum, 21 March 2013, Version 1

Yngve N. Pettersen yngve at spec-work.net
Mon Mar 25 10:51:14 UTC 2013


On Mon, 25 Mar 2013 11:43:49 +0100, Gervase Markham <gerv at mozilla.org>  
wrote:

> On 22/03/13 20:10, Gervase Markham wrote:
>> I think it would be a very reasonable request for enhancement for each
>> browser that they treat expired certs (of whatever validity duration)
>> with no revocation information as if they were revoked, and do not
>> provide an override.
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=854346

Question: Will this apply to all certificates, or just certificates  
chaining to embedded Roots?

The reason I am asking is that, unless I am mistaken (haven't checked the  
TLS Prober data yet), most "homegrown" certificates does not reference  
revocation information.


-- 
Sincerely,
Yngve N. Pettersen

Using Opera's mail client: http://www.opera.com/mail/



More information about the Public mailing list