- From: Gervase Markham <gerv@mozilla.org>
- Date: Wed, 11 Nov 2009 14:28:42 +0000
- To: Adam Barth <w3c@adambarth.com>
- CC: Bil Corry <bil@corry.biz>, public-webapps@w3.org
On 11/11/09 08:57, Adam Barth wrote: > Why do we need a browser mechanism for that? It seems like the site > can easily compute whatever max-age value it wishes to set. Not to mention the fact that you normally don't actually want the LockCA to expire at exactly the same time as the cert, because you don't normally change certs over the second they expire! One would hope to be safely on the new cert a week or two before the expiry of the old one - at which point, the seeminly-simple "expire when cert expires" setting comes back to bite you. Gerv
Received on Wednesday, 11 November 2009 14:29:32 UTC