[cabfpub] [cabfman] Notes of meeting, CAB Forum, 21 March 2013, Version 1
Yngve N. Pettersen
yngve at spec-work.net
Mon Mar 25 10:51:14 UTC 2013
On Mon, 25 Mar 2013 11:43:49 +0100, Gervase Markham <gerv at mozilla.org>
wrote:
> On 22/03/13 20:10, Gervase Markham wrote:
>> I think it would be a very reasonable request for enhancement for each
>> browser that they treat expired certs (of whatever validity duration)
>> with no revocation information as if they were revoked, and do not
>> provide an override.
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=854346
Question: Will this apply to all certificates, or just certificates
chaining to embedded Roots?
The reason I am asking is that, unless I am mistaken (haven't checked the
TLS Prober data yet), most "homegrown" certificates does not reference
revocation information.
--
Sincerely,
Yngve N. Pettersen
Using Opera's mail client: http://www.opera.com/mail/
More information about the Public
mailing list