/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
Certification Authority/Browser Forum adopts new security standards
(security.googleblog.com)
62 points
terminalbraid
| 5 comments |
31 Mar 25 09:56 UTC
|
HN request time: 0.771s
|
source
1.
Y-bar
◴[
02 Apr 25 17:33 UTC
]
No.
43559138
[source]
▶
>>43533110 (OP)
#
How will this impact self-signed local certificates? Can we still use a five-year lifespan on those or do we need to reduce it to <398 days?
replies(3):
>>43559253
#
>>43559268
#
>>43560211
#
ID:
GO
2.
◴[
02 Apr 25 17:45 UTC
]
No.
43559253
[source]
▶
>>43559138 (TP)
#
3.
electroly
◴[
02 Apr 25 17:46 UTC
]
No.
43559268
[source]
▶
>>43559138 (TP)
#
Your local certificates are not bound by the Baseline Requirements at all; they're irrelevant to you. You can do whatever you want if your CA is not in a root program.
4.
bawolff
◴[
02 Apr 25 19:00 UTC
]
No.
43560211
[source]
▶
>>43559138 (TP)
#
The article doesn't even mention cert lifetimes.
But the answer is no, self-signed certs dont have to folllw c/ab.
replies(1):
>>43561352
#
5.
Y-bar
◴[
02 Apr 25 20:47 UTC
]
No.
43561352
[source]
▶
>>43560211
#
The links in the article mentions the hard limit on certificate lifetime.
↑