subject:"Policy 2.7.1\: MRSP Issue #218\: Clarify CRL requirements for End Entity Certificates"

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

2021-03-08 Thread Ben Wilson via dev-security-policy

ot;A CA technically capable of...that the CCADB field" seems >>> > wrong. CCADB "CA Owner" records don't/won't contain the new field(s). >>> > Similar language elsewhere in the policy (section 5.3.2) says "All >>> > certificates that are capable

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

2021-02-25 Thread Ben Wilson via dev-security-policy

t; Technically-constrained intermediate certs don't have to be disclosed to >> > CCADB, but "in all situations where the CA is enabled for server >> > certificate issuance" clearly includes technically-constrained >> > intermediates. How would a CA populate the

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

2021-01-25 Thread Aaron Gable via dev-security-policy

ions where the CA is enabled for server > > certificate issuance" clearly includes technically-constrained > > intermediates. How would a CA populate the "Full CRL Issued By This CA" > > field for a technically-constrained intermediate cert that has > > (legiti

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

2021-01-13 Thread Rob Stradling via dev-security-policy

From: dev-security-policy on behalf of Ben Wilson via dev-security-policy Sent: 08 January 2021 01:00 To: mozilla-dev-security-policy Subject: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates CAUTION: This email originat

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

2021-01-13 Thread Corey Bonnell via dev-security-policy

Hi Ben, A few follow-up questions and comments: 1) What are the expectations regarding availability for such CRLs? Do the availability requirements in BR 4.10.2 stand for these CRLs even if such CRL pointers are not encoded in end-entity certificates? 2) What is the expectation for populating

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

2021-01-11 Thread Ryan Hurst via dev-security-policy

On Thursday, January 7, 2021 at 5:00:46 PM UTC-8, Ben Wilson wrote: > This is the last issue that I have marked for discussion in relation to > version 2.7.1 of the Mozilla Root Store Policy > . > > It is

Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

2021-01-07 Thread Ben Wilson via dev-security-policy

This is the last issue that I have marked for discussion in relation to version 2.7.1 of the Mozilla Root Store Policy . It is identified and discussed in GitHub Issue #218

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

Re: Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

Policy 2.7.1: MRSP Issue #218: Clarify CRL requirements for End Entity Certificates

7 matches

Site Navigation

Mail list logo

Footer information