[cabfpub] Revocation Information
Doug Beattie
doug.beattie at globalsign.com
Fri Sep 26 10:44:41 MST 2014
Hi Gerv,
GlobalSign also answers Yes, Yes and No.
Doug
> -----Original Message-----
> From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org]
> On Behalf Of Gervase Markham
> Sent: Tuesday, September 23, 2014 6:35 AM
> To: CABFPub
> Subject: [cabfpub] Revocation Information
>
> Hi everyone,
>
> At the face-to-face in Beijing, we talked out our new plan for revocation,
and
> specifically OneCRL, our plan to aggregate revocation information for all
non-
> leaf certificates (and perhaps some others) into a single source which
Firefox
> would then download regularly, probably daily.
>
> I had three questions for the CAs in the group, although there was not
time to
> have a long discussion about them then, so I am presenting them here.
>
> They are:
>
> 1) If we asked you to provide a set of URLs which together provided
revocation
> information for all the non-EE certificates in hierarchies which chained
up to a
> root we trust, could you do that?
>
> 2) Would all those URLs be URLs to CRLs? (I.e., to reverse the question,
are
> there any intermediate certs for which you only provide revocation info
via
> OCSP?)
>
> 3) Would you need some of that set of URLs to be secret (i.e. revealed to
> Mozilla, but you would prefer Mozilla not to reveal them to others)?
> If so, why?
>
>
> I expect the answers from all CAs to be Yes, Yes and No, so if your answer
as a
> CA would be something else, please speak up :-)
>
> We would want to build a system to make it easy for CAs to provide this
> information on an ongoing basis, but the discussion of how we do that is
out of
> scope for the moment.
>
> Gerv
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5615 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20140926/467dd942/attachment.bin
More information about the Public
mailing list