[cabfpub] [cabfman] Notes of meeting, CAB Forum, 21 March 2013, Version 1
Rob Stradling
rob.stradling at comodo.com
Mon Mar 25 11:55:33 UTC 2013
On 25/03/13 11:41, Gervase Markham wrote:
> On 25/03/13 10:53, Rob Stradling wrote:
>> Why not treat all expired certs (with or without revocation URLs) as if
>> they were revoked?
>
> By which I assume you mean: "Why not remove the override for all expired
> certs?"
Yes.
> I believe that last time we looked, the answer was that there
> are too many of them out there :-| This is one of those "every browser
> would have to do it at once" things.
:-(
BTW, I presume you've considered this section of the BRs...
"18.2 Indemnification of Application Software Suppliers
...the CA SHALL defend, indemnify, and hold harmless each Application
Software Supplier for any and all claims, damages, and losses suffered
by such Application Software Supplier related to a Certificate issued by
the CA, regardless of the cause of action or legal theory involved. This
does not apply, however, to any claim, damages, or loss suffered by such
Application Software Supplier related to a Certificate issued by the CA
where such claim, damage, or loss was directly caused by such
Application Software Supplier’s software displaying...as trustworthy:
(1) a Certificate that has expired..."
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public
mailing list