On Mon, 4 Oct 2010, Phillip Hallam-Baker wrote:
2) Sanction CAs that issue unauthorized certificates
What would you say a valid sanction would be for a CA that issues a bad
certificate for 10 major websites like Mozilla and Yahoo?
What should the sanction be for a CA whose reseller's subCAs i
On 2011-06-20, at 08:20, Olafur Gudmundsson wrote:
>> Are other aspects to operations which you think should be included in the
>> document? (Or do you think the scope is too narrow?)
>>
>
> I think the document needs to be clearer as to what is NOT covered in a DSP.
>
> It is fine for the do
On 2011-06-20, at 01:00, Matthijs Mekking wrote:
> I think you mean sections 4.6.4, 4.6.5 and 4.6.6. Those sections
> (especially the first two) cover ZSK specific rollover and KSK specific
> roll-over schemes and are relevant in case a zone is subject to a
> KSK/ZSK Split Signing Scheme.
>
> Ho
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FYI,
I posted a new version of my key-timing-bis document.
Changes are:
- - It saw a first line of review.
- - Lots of style changes
- - More detailed explanation of Key States Unraveled
- - Introduced the idea of Key Rollover Stages.
rfcdiff:
http: