[cabfpub] Ballot 159 - Amend Section 4 of Baseline Requirements
sleevi at google.com
Sat Jan 23 03:02:33 UTC 2016
On Thu, Jan 21, 2016 at 12:01 PM, Ben Wilson <ben.wilson at digicert.com>
> What if we amended section 4.9.2 to read, “The Subscriber can initiate
> revocation. Third parties can request revocation in accordance with
> Section 4.9.3.
> See also Section 3.4.”?
Well, again, third-parties aren't requesting revocation, per-se. They're
making a Certificate Problem Report (per our glossary)
In trying to find wording for this, I think I'm a little confused with
respect to 18.104.22.168 vs 22.214.171.124, and whether we make a distinction between
Subscriber and Subordinate CA. That is, at least as I read it, every
Subordinate CA is a Subscriber, but not every Subscriber is a Subordinate
CA. Is this your understanding as well? We don't define either type of
Certificate, but I would presume the same inclusions apply.
The reason I ask is whether or not we need to say "The Subscriber" or "The
Subscriber or Subordinate CA". My read is that it should just say
"Subscriber", but I want to make sure there's agreement of understanding as
to what that scope means.
"The Subscriber, RA, or Issuing CA can initiate revocation. Additionally,
Subscribers, Relying Parties, Application Software Suppliers, and other
third parties may submit Certificate Problem Reports informing the Issuing
CA of reasonable cause to revoke the certificate."
I'm not sure the "See Also" is necessary, otherwise we need to invoke
Section 3.4, 4.9.1 and 4.9.3 collectively to describe the revocation
process. Since we omit 4.9.1 and 4.9.3, I'm unclear whether or not we
should mention 3.4 explicitly (and whether or not 4.9.4 should also mention
See also Section 3.4)
Note - the clarification of "RA or Issuing CA" is itself borrowed from the
discussion of the contents of this section in Section 4.4.9 of RFC 3647.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public