[cabfpub] Draft Ballot 185 - Limiting the Lifetime of Certificates
pzb at amzn.com
Tue Feb 21 19:43:56 UTC 2017
Many organizations have policies to not re-use keys between certificates. Dropping the validity period therefore effectively drops the key usage period.
> On Feb 21, 2017, at 10:54 AM, Ryan Sleevi via Public <public at cabforum.org> wrote:
> This doesn't seem particularly relevant - I haven't heard any suggestion that this is about ensuring frequent key rotation, as opposed to all the other policies and practices being attested to in conjunction with the keys.
> On Tue, Feb 21, 2017 at 10:52 AM, Dean Coclin via Public <public at cabforum.org <mailto:public at cabforum.org>> wrote:
> Posting on behalf of AT&T:
> AT&T typically looks to NIST for guidance and reference on industry standards, see page 45 of the attached (NIST SP800-57-Pt1R4) document.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public