Hacker News new | ask | show | jobs
by ikeboy 4087 days ago
If that's the case, shouldn't all certs only be valid until the domain expires, and all domain name sales should require revocation of all certs?
1 comments
icebraining 4087 days ago
Sure, but how do you enforce the latter?
link
ikeboy 4087 days ago
The latter can't be enforced, but individual buyers can demand that for all known certs.

And I think you can currently get certs expiring later than the domain, which seems wrong to me. Is there a good justification for that?

link