[cabfpub] Application for SHA-1 Issuance
Peter Bowen
pzb at amzn.com
Mon Jul 18 14:09:42 UTC 2016
> On Jul 18, 2016, at 7:04 AM, Gervase Markham <gerv at mozilla.org> wrote:
>
> On 16/07/16 00:48, Dean Coclin wrote:
>> Enclosed please find the application for SHA-1 issuance presented on behalf
>> of our client. Note that the application was fully completed by the client.
>
> The date today is 18th July 2016. The new SHA-1 certificates are
> apparently needed by 31st July 2016 - less than two weeks away. Several
> months ago, when the first of these problems hit, there was a similarly
> short deadline and I (and perhaps other browser vendors) said that we
> would be very displeased if further requests emerged with short
> deadlines - particularly if the problem had been known about for some
> time - because it would look very like we were being bounced into saying
> Yes.
>
> Is there an explanation of why this request is appearing so close to the
> deadline?
According to Google’s process, a request MUST be submitted no longer than 14 days before the proposed notBefore date. Adding to that the ongoing request that notBefore dates not be backdated, this means that this application by Symantec was filed about as early as allowed.
Thanks,
Peter
More information about the Public
mailing list