Really appreciate advise and inputs Mark , thank you … Does beg the question will they change the browser checks and how would we know
M From: Mark Goodwin <[email protected]> Date: Tuesday, 7 July 2020 at 14:54 To: "[email protected]" <[email protected]> Cc: "[email protected]" <[email protected]> Subject: Re: 398 Cert Life span 1Sep2020 Hi, I can't answer for any of the vendors but I've read around this a bit; perhaps the following will be of some use: The Apple announcement states that the change affects "only TLS server certificates issued from the Root CAs preinstalled with iOS" - therefore, I think it's safe to assume locally added roots (from Internal CAs) will be unaffected. The Chromium change also appears to only apply to certs from known roots ( https://source.chromium.org/chromium/chromium/src/+/master:net/cert/cert_verify_proc.cc;l=682?q=HasTooLongValidity&ss=chromium ) so Chrome, Edge and other Chromium based browsers look to be the same story. Kind regards, Mark On Mon, 6 Jul 2020 at 15:07, marc.rnlds--- via dev-security-policy <[email protected]<mailto:[email protected]>> wrote: Hi All, How will internal CA's be affected. If I issue or have issued 2 years certificates, how will the browsers treat these certificates ? Just after guidance .. M _______________________________________________ dev-security-policy mailing list [email protected]<mailto:[email protected]> https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
