Ballot 193 defines 825 day limit for all cert types

Question

Ballot 193 defines 825 day limit for all cert types

cardonator opened this issue 6 years ago · comments

BJ Cardon commented 6 years ago

https://cabforum.org/2017/03/17/ballot-193-825-day-certificate-lifetimes/

Bryan Pitcher · Answer 1 · Sat Jan 05 2019 09:39:54 GMT+0800 (China Standard Time)

When merged, PR #20 should resolve this issue with the latest guidance.

BJ Cardon · Answer 2 · Sat Jan 05 2019 14:49:04 GMT+0800 (China Standard Time)

Thanks, Bryan. FWIW, we ended up switching to https://github.com/zmap/zlint for cert linting since that's one of the linters crt.sh uses, Boulder CA uses, and seems to stay the most up to date with industry guidelines.

Bryan Pitcher · Answer 3 · Wed Jan 09 2019 01:53:06 GMT+0800 (China Standard Time)

@cardonator That for the information. I've taken a look at zlint a while back and it looks really good and it's nice that it has the focus to get updated promptly with new industry guidance. I think we'll plan to use zlint in our pre-issuance process as well.