On Wed, Jul 1, 2020 at 5:05 PM Ryan Sleevi wrote:
> While I'll be looking to create Compliance Incidents for the affected CAs,
>
This is now done, I believe. However, as mentioned, just because a
compliance bug was not filed does not mean that a CA may not be affected;
it may just be that CT
Ryan Sleevi via dev-security-policy
writes:
>Section 4.9.9 of the BRs requires that OCSP Delegated Responders MUST include
>an id-pkix-ocsp-nocheck extension. RFC 6960 defines an OCSP Delegated
>Responder within Section 4.2.2.2 as indicated by the presence of the id-kp-
>OCSPSigning as an EKU.
On Wed, Jul 1, 2020 at 11:48 PM Peter Gutmann
wrote:
> Ryan Sleevi via dev-security-policy
> writes:
>
> >Section 4.9.9 of the BRs requires that OCSP Delegated Responders MUST
> include
> >an id-pkix-ocsp-nocheck extension. RFC 6960 defines an OCSP Delegated
> >Responder within Section 4.2.2.2
3 matches
Mail list logo