[cabfpub] Ballot - BR Response for non-issued certificates
Rick_Andrews at symantec.com
Mon Jul 23 18:57:10 UTC 2012
> As I recall, Rick, you are working on a document in the revocation work
> group that should deal with the client aspect of this. This proposal is
> about what the CA's OCSP responder should do.
Yes, but that document is a set of recommended best practices, not requirements. You proposal is a requirement, not a recommended best practice. There's still a strong imbalance between what browsers and CAs have to do.
More information about the Public