[cabfpub] Revocation revamp
Rob Stradling
rob.stradling at comodo.com
Wed Mar 25 06:22:45 MST 2015
On 25/03/15 13:11, Ben Laurie wrote:
> On the subject of revocation, I was wondering how one would go about
> revoking a mis-issued cert detected through CT. I picked a couple of
> random CAs and tried to find out how I might report that they'd
> mis-issued a cert for my site. I completely failed.
>
> Do the BRs say anything about this?
13. Certificate Revocation and Status Checking
13.1 Revocation
13.1.1 Revocation Request
The CA SHALL provide a process for Subscribers to request revocation of
their own Certificates. The process MUST be described in the CA’s
Certificate Policy or Certification Practice Statement. The CA SHALL
maintain a continuous 24x7 ability to accept and respond to revocation
requests and related inquiries.
13.1.2 Certificate Problem Reporting
The CA SHALL provide Subscribers, Relying Parties, Application Software
Suppliers, and other third parties with clear instructions for reporting
suspected Private Key Compromise, Certificate misuse, or other types of
fraud, compromise, misuse, inappropriate conduct, or any other matter
related to Certificates. The CA SHALL publicly disclose the instructions
through a readily accessible online means.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public
mailing list