[SSL Observatory] https://controller.mobile.lan
Jacob Appelbaum
jacob at appelbaum.net
Wed Feb 8 01:56:11 PST 2012
On 02/07/2012 05:52 PM, Erwann ABALEA wrote:
> 2012/2/7 Jacob Appelbaum <jacob at appelbaum.net>
> [...]
>
>
>>> As was pointed out, this cert was issued in 2010. The CAB Forum has
>>> addressed the issuance of SSL certs to non FQDNs in the baseline
>>> requirements which were recently adopted.
>>>
>>
>> Is it true that the new requirements won't come into effect until 2016?
>>
>
> Any CA can choose to apply these requirements now. For some of them, it's
> easy, since they never produced such certificates.
> Such certificates were listed in "Problematic practices" in the Mozilla CA
> Policy, but tolerated. Kind of a grey zone.
>
> The delay until 2016 is a compromise so all implied actors can find a
> different solution for their own problems.
>
Compromise indeed.
All the best,
Jacob
More information about the Observatory
mailing list