[cabfpub] Ballot for limited exemption to RFC 5280 for CT implementation

Ryan Sleevi sleevi at google.com
Thu Sep 18 21:20:13 UTC 2014

On Sep 18, 2014 2:11 PM, "Brian Smith" <brian at briansmith.org> wrote:
> On Thu, Sep 18, 2014 at 1:59 PM, Ryan Sleevi <sleevi at google.com> wrote:
> > This is the same arguments for Certificate != PreCertificate. The ASN.1
> > diverges and distinguishes the two, the same conceptual way the
contents of
> > a tbsCertList differs from a tbsCertificate.
> >
> > The poison extension - a structural facet of a PreCert - is as
> > distinguishing to RFC5280 as a different ASN.1 structure. It makes them
> > different.
> Then there is no need for this ballot, right?
> Cheers,
> Brian

This ballot just serves to memorialize this discussion in a way that is
unambiguous for auditors.

We can niggle on wording (the current wording reflects the view of some
members' that it is a violation), but the end result is equivalent to those
who argue it is not a violation, ergo it does no harm, does not change the
results, and helps those who do think it is a violation sleep better at
night, despite the fact that it isn't :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140918/60ccf1b9/attachment-0003.html>

More information about the Public mailing list