[Cscwg-public] Updated CRL Revocation Date Clarification Pre-Ballot

Corey Bonnell Corey.Bonnell at digicert.com
Wed Oct 6 14:53:11 UTC 2021


Hi Bruce,

Comments inline.

 

> When should we use revocationDate and revocation date OR invalidity date
and invalidtyDate? I think we should make the use consistent in this
section.

 

Thanks for pointing this out; I went back and added "field" to the locations
where the text is referring to the CRL/OCSP fields and also ensured that the
locations where the fields aren't being referenced have a space between
"revocation"/"invalidity" and "date".

 

> Do we want a footnote or a Note similar to what is done in the SSL BRs?

 

It looks like the TLS BRs use both conventions; I'm partial to footnotes
since footnotes don't interrupt the "flow" of the document with explainer
text, but happy to change it to a "Note" if we want to use that convention
in the CSBRs.

 

> It would be good to clarify if the effective date applies only to future
revocations or all revocations. As such, could we state that "For Code
Signing Certificates revoked on or after 2022-07-01, if the CA includes the
Invalidity Date CRL entry extension ."

 

I tweaked the wording for the new requirement to make it clear it's
applicable to CRLs published on or after 2022-07-01, so historical
revocation entries may need to be modified if they don't match the profile.

 

Thanks,

Corey

 

From: Bruce Morton <Bruce.Morton at entrust.com> 
Sent: Wednesday, October 6, 2021 9:57 AM
To: Corey Bonnell <Corey.Bonnell at digicert.com>; cscwg-public at cabforum.org
Subject: RE: Updated CRL Revocation Date Clarification Pre-Ballot

 

Hi Corey,

 

Rather than marking up the document, I have a few comments:

 

1.	When should we use revocationDate and revocation date OR invalidity
date and invalidtyDate? I think we should make the use consistent in this
section.
2.	Do we want a footnote or a Note similar to what is done in the SSL
BRs?
3.	It would be good to clarify if the effective date applies only to
future revocations or all revocations. As such, could we state that "For
Code Signing Certificates revoked on or after 2022-07-01, if the CA includes
the Invalidity Date CRL entry extension ."

 

 

Thanks, Bruce.

 

From: Cscwg-public <cscwg-public-bounces at cabforum.org
<mailto:cscwg-public-bounces at cabforum.org> > On Behalf Of Corey Bonnell via
Cscwg-public
Sent: Wednesday, October 6, 2021 8:23 AM
To: cscwg-public at cabforum.org <mailto:cscwg-public at cabforum.org> 
Subject: [EXTERNAL] [Cscwg-public] Updated CRL Revocation Date Clarification
Pre-Ballot

 

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the
content is safe.

  _____  

Hello,

Thank you to Rob, Bruce, and Dimitris for the valuable feedback on the
original pre-ballot draft. I have incorporated the conclusions from our
discussions on the list and the last call into the latest draft; please see
the attached.

 

There were two changes:

*	There is now a footnote that better explains the rationale for using
the revocationDate field to convey the "invalidity date"
*	The effective date for the Invalidity Date extension value change
has been pushed back to July 1st, 2022.

 

Let me know if there are any questions or comments. Barring any further
substantial changes, I think we're ready at this point to look for two
endorsers to push the ballot forward.

 

Thanks,

Corey

 

Any email and files/attachments transmitted with it are confidential and are
intended solely for the use of the individual or entity to whom they are
addressed. If this message has been sent to you in error, you must not copy,
distribute or disclose of the information it contains. Please notify Entrust
immediately and delete the message from your system. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20211006/8490cf55/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RevocationDate Clarification.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 138462 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20211006/8490cf55/attachment-0001.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4990 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20211006/8490cf55/attachment-0001.p7s>


More information about the Cscwg-public mailing list