[Servercert-wg] SC 20 (v2) / Level of detail of motivation

Ryan Sleevi sleevi at google.com
Thu Oct 3 11:53:33 MST 2019


Yeah, that's probably a better way of framing it.

I think what I'd find helpful is something to the effect of:
- This is a concrete thing that CAs want to do
- They cannot meet it under the current language, but we think it's a good
thing
- Here's the proposed change to allow this

If it helps, think of this like the "Any other method" discussions for
3.2.2.4. We wanted to get rid of "CAs can do what they want to achieve this
goal" by putting something more concrete. Yet we also saw that it didn't
handle every case, and so we've slowly expanded the requirements to include
additional things that are equally specified. When we got rid of
3.2.2.4.1/3.2.2.4.5, we took the approach of "These are the results you can
achieve today, using the rules as written, and we don't think those are
good results, so we should not allow them anymore"

Those sort of "real world" cases help build an understanding about what's
broken and how the fix addresses it :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191003/92093810/attachment.html>


More information about the Servercert-wg mailing list