Re: New problematic practice

2013-12-10 Thread Peter Gutmann
Erwann Abalea eaba...@gmail.com writes:

> Has this extension been de-obsoleted? It was already deprecated in RFC2459, it's not even present in RFC5280 anymore.

Like other aspects of the web PKI (e.g. wildcard certs), this is one of the areas where you need to ignore what PKIX says and do what

Re: New problematic practice

2013-11-29 Thread Ralph Holz (TUM)
Hi,

===Backdating the notBefore date===

Certificates do not contain an issue timestamp, so it is not possible to be certain when they were issued. The notBefore date is the start of the certificate's validity range, and is set by the CA. It should be a reasonable reflection of the date on

Re: New problematic practice

2013-11-29 Thread Brian Smith
On Fri, Nov 29, 2013 at 1:20 AM, Gervase Markham g...@mozilla.org wrote:

> Comments?

I suggest you propose it as a change to the baseline requirements.

Cheers,
Brian
--
Mozilla Networking/Crypto/Security (Necko/NSS/PSM)