> 2) How do you collect the results? If it goes through any member, they can > easily skew results?
The user input mechanism has been opened up for this ballot, this could be an input path, not anyhow skrew in any way. One form for all to give their input. > So thank for you clarifying the position on 27 months. I hope Peter's > restating of my point explains the position and why 13 months is really not > something we can go beyond. I understand why as a CA you may not see it as > more secure, but as a browser, it's critical for our > security and the security of our users As mentioned before, 13 months for improvement (everything else could be handeled by revocation), is too short timeframe. I also don’t understand the 13 months. If speaking about 1 year as final goal, it’s still 2 months too less for recent renewing periods. I also wonder 90-180 days are mentioned again, so we are back to (non best practice) automatism? I also read the same wrong arguments like automatism is about security, enterprises can react such fast (Gerv stated recently), 39 months is hard for them, 27 months is much harder, 13 months is absolutely unrealistic.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
