Right, I don't think it's high priority either. Just though since the BRs says "MAY comply with RFC 8954", it might as well be updated to RFC9654.
Cheers, Tomas ________________________________ From: Tim Hollebeek Sent: Friday, October 04, 2024 4:23 PM To: Tomas Gustavsson; CA/B Forum Server Certificate WG Public Discussion List Subject: RE: OCSP Nonce RFC9654 I mean, we could, but I don’t think it’s a particularly high priority. That RFC makes some small clarifications to corner cases involving a corner case. I’m not sure it’s all that relevant to the WebPKI, unless someone points out a reason we need it. -Tim From: Servercert-wg <[email protected]> On Behalf Of Tomas Gustavsson via Servercert-wg Sent: Friday, October 4, 2024 3:05 AM To: CA/B Forum Server Certificate WG Public Discussion List <[email protected]> Subject: [Servercert-wg] OCSP Nonce RFC9654 BRs have in section 4.9.10: OCSP responders operated by the CA SHALL support the HTTP GET method, as described in RFC 6960 and/or RFC 5019. The CA MAY process the Nonce extension (1.3.6.1.5.5.7.48.1.2) in accordance with RFC 8954. RFC9654,https://www.rfc-editor.org/rfc/rfc9654.txt, updates RFC8954. Should the BRs be updated for the new RFC? Cheers, Tomas
_______________________________________________ Servercert-wg mailing list [email protected] https://lists.cabforum.org/mailman/listinfo/servercert-wg
