[cabfpub] Ballot[80] - BR Response for non-issued certificates

Rick Andrews Rick_Andrews at symantec.com
Mon Jul 23 18:57:10 UTC 2012

> As I recall, Rick, you are working on a document in the revocation work
> group that should deal with the client aspect of this. This proposal is
> about what the CA's OCSP responder should do.

Yes, but that document is a set of recommended best practices, not requirements. You proposal is a requirement, not a recommended best practice. There's still a strong imbalance between what browsers and CAs have to do.


More information about the Public mailing list