On Tue, Oct 18, 2016 at 4:37 PM, Gervase Markham <g...@mozilla.org> wrote:

> On 18/10/16 16:35, Ryan Sleevi wrote:
> > On Tue, Oct 18, 2016 at 4:34 PM, Dean Coclin via Public
> > <public@cabforum.org <mailto:public@cabforum.org>> wrote:
> >
> >     While I'm not the technical expert here, assuming we could, wouldn't
> >     they
> >     then need to undergo the 10 day eval period?
> >
> > Yes
>
> And wouldn't that push the date past the expiry date of their existing
> certs?
>

Unfortunately, potentially so. But I don't think it would be appropriate to
be granting even further exceptions to an inability to follow a policy
announced months ago, for the same moral hazard reason of allowing
exceptions beyond Dec 31, 2016, when it's spelled out at
https://github.com/awhalley/docs-for-comment/blob/master/SHA1RequestProcedure.MD#existing-certificate-information
_______________________________________________
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Reply via email to