[cabfpub] [cabfman] Notes of meeting, CAB Forum, 21 March 2013, Version 1

Rob Stradling rob.stradling at comodo.com
Mon Mar 25 11:55:33 UTC 2013


On 25/03/13 11:41, Gervase Markham wrote:
> On 25/03/13 10:53, Rob Stradling wrote:
>> Why not treat all expired certs (with or without revocation URLs) as if
>> they were revoked?
>
> By which I assume you mean: "Why not remove the override for all expired
> certs?"

Yes.

> I believe that last time we looked, the answer was that there
> are too many of them out there :-| This is one of those "every browser
> would have to do it at once" things.

:-(

BTW, I presume you've considered this section of the BRs...

"18.2 Indemnification of Application Software Suppliers
...the CA SHALL defend, indemnify, and hold harmless each Application 
Software Supplier for any and all claims, damages, and losses suffered 
by such Application Software Supplier related to a Certificate issued by 
the CA, regardless of the cause of action or legal theory involved. This 
does not apply, however, to any claim, damages, or loss suffered by such 
Application Software Supplier related to a Certificate issued by the CA 
where such claim, damage, or loss was directly caused by such 
Application Software Supplier’s software displaying...as trustworthy: 
(1) a Certificate that has expired..."

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online




More information about the Public mailing list