On Sat, Mar 4, 2017 at 12:22 PM, Daniel Cater via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > On Saturday, 4 March 2017 20:14:09 UTC, Jeremy Rowley wrote: >> 1.0 is not the definitive version any more. As of 2015‐04‐01, Section >> 6.3.2 prohibits validity periods longer than 39 months. >> > > Thanks for the prompt reply Jeremy. I realise this. My question relates to > what the situation was (be it a guideline, policy, or just common practice) > prior to version 1.0. > > The cablint message mentions 120 months and I was wondering where that number > came from.
Common practice. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy