[cabfpub] Draft Ballot 185 - Limiting the Lifetime of Certificates

Gervase Markham gerv at mozilla.org
Fri Feb 10 09:04:15 UTC 2017

On 09/02/17 21:41, Dean Coclin via Public wrote:
> What about Managed SSL customers that have prepaid two and three year
> certs on invoices? 

If there were some algorithm breakage, you would no doubt reissue the
cert with a safe algorithm and tell the customer to replace it. So I
would hope your contracts do not specifically say that the certificate
issued at the beginning of the period of supply will definitely be
exactly the same one which is doing the job at the end of the period.

IOW, if you've tied your contracts to a particular guaranteed individual
certificate usefulness lifetime instead of a particular period of supply
of service, then that was a bit of a whoopsie, for reasons entirely
unrelated to this ballot ;-)


More information about the Public mailing list