On 1/9/09 4:25 PM, Johnathan Nightingale wrote:
> On 9-Jan-09, at 1:27 PM, Benjamin Smedberg wrote:
>> Perhaps it would help if we had some additional information such as:
>> what is
>> the maximum certificate expiration time? That is, if all CAs stopped
>> using
>> MD5 *today* and switched to SHA-256, how long would it be before there
>> were
>> no unexpired certificates? Is that the upper bound on how long it
>> would be
>> before we could disable MD5 and SHA1?
>
>
> So as I mentioned, I've been collecting certificates for a little while,
> and soon I hope to make the code + data public but there are still some
Yeah, I was hoping for a "certificates always have a lifespan of {1,2,3}
years" kind of answer, instead of a statistical one. Is there not a CA
guideline for the maximum lifespan of a certificate?
(Thanks for the statistics anyway!)
--BDS
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
