Nelson B Bolyard wrote: > Rob, in the past, any time that we have suggested that a CA issue a new > root CA cert for any reason, even if only to change something minor, > we've received much feedback saying that doing so represents a huge > challenge and investment for the CAs, necessitating modifications to > CPSes, triggering new audits, etc. etc. One gets the impression from > those replies that this is something the CAs would rather avoid at > (nearly) all cost.
Another option would be to make a (small? :-) modification to NSS to allow us to store an expiry date which overrode the one in the certificate. Gerv _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
