[cabf_validation] EV CRL Checking

[Bruce Morton]

EV CRL Checking:

  *   EVG 13 states "CAs MUST ensure that CRLs for an EV Certificate chain can be downloaded in no more than three (3) seconds over an analog telephone line under normal network conditions."
  *   This requirement was in draft 11 in 2007. I believe that it was added to support dial up Windows users.
  *   This is a requirement is hard to measure/test by the CA and auditor and does not provide much value with common high speed internet; however, it still remains to be a requirement.
  *   Is it possible that we could drop this requirement and only require BR 4.9?

My proposal is a follows:

EVG 4, replace "The requirements in Section 4.9 of the Baseline Requirements apply equally to EV Certificates. However, CAs MUST ensure that CRLs for an EV Certificate chain can be downloaded in no more than three (3) seconds over an analog telephone line under normal network conditions."

With "The requirements in Section 4.9 of the Baseline Requirements apply equally to EV Certificates."


Thanks, Bruce.
Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20220729/13cd5198/attachment.html>