Hi All,
The CCADB SC is considering an Enhancement Request to technically enforce
the following logic for evaluating policy document disclosures in the
system.
If the parent certificate record discloses a CP:
A) It MUST disclose a CPS
B) It MUST NOT disclose a CP/CPS
C) All child certificate records MUST either:
(1) disclose a combined CP/CPS; OR
(2) disclose (a) a CP (either select "same as parent" OR a different CP)
AND (b) a CPS (either select "same as parent" OR a different CPS).
If the parent certificate record discloses a CPS:
A) It MUST disclose a CP
B) It MUST NOT disclose a CP/CPS
C) All child certificate records MUST either:
(1) disclose a combined CP/CPS; OR
(2) disclose (a) a CPS (either select "same as parent" OR a different CPS)
AND (b) a CP (either select "same as parent" OR a different CP).
If the parent certificate record discloses a combined CP/CPS:
A) It MUST NOT disclose a CP
B) It MUST NOT disclose a CPS
C) All child certificate records MUST either:
(1) disclose the same combined CP/CPS ("same as parent");
(2) disclose a different CP/CPS; OR
(3) disclose a CP and a CPS.
We are also considering adding a technical constraint to prevent a policy
document URL disclosed as a specific document type for one certificate
record (e.g., https://my-ca.com/cp_1_4.pdf, type = “CP”) from being
disclosed on a separate record using a different policy document type
(i.e., “CPS” or “CP/CPS”).
Feedback on the above processing logic is welcome.
Thank you
-Chris, on behalf of the CCADB Steering Committee
--
You received this message because you are subscribed to the Google Groups
"CCADB Public" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/a/ccadb.org/d/msgid/public/CAAbw9mBa5%3DZnyex-P0FvxYW7y%3DWwj8usp6ZSPROG52z%2BmSh7LA%40mail.gmail.com.
