That's the great part about this, Rob, you don't actually have to revoke anything. The certs will just stop working at some point. I'm being somewhat facetious but that's really the bottom line. Perhaps we should not use the word revocation here because in a strict technical sense that's not what will happen and nor is revocation really necessary. Sorry, I should have mentioned that I'm thinking primarily about long-lived certificates that were issued before the BRs became effective. BRs Section 1 says: "Except where explicitly stated otherwise, these requirements apply only to relevant events that occur on or after the Effective Date." Where is it written that <2048-bit certs that predate the BRs need to be revoked by end of 2013? | ||
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
