[cabfpub] Misissuance of certificates

Ryan Sleevi sleevi at google.com
Wed Jan 27 19:14:46 UTC 2016

Google is happy to endorse.

On Wed, Jan 27, 2016 at 3:50 AM, Sigbjørn Vik <sigbjorn at opera.com> wrote:

> Hi all,
> I think the discussion on this topic has been great, and the proposed
> ballot has had several improvements as a result. I think it is time we
> put it to a ballot. The text is as below, I am looking for two endorsers.
> 2.2.1 Notification of incorrect issuance
> In the event that a CA issues a certificate in violation of these
> requirements, the CA SHALL publicly disclose a report within one week of
> becoming aware of the violation. A link to the report SHALL
> simultaneously be sent to incidents at cabforum.org.
> Effective 01-Jul-16, the CA SHALL in its Certificate Policy and/or
> Certification Practice Statement announce where such reports will be
> found. The location SHALL be as accessible as the CP/CPS.
> The report SHALL publicize details about what the error was, what caused
> the error, time of issuance and discovery, and public certificates for
> all issuer certificates in the trust chain.
> The report SHALL publicize the full public certificate, with the
> following exception: For certificates issued prior to 01-Mar-16 the
> report MAY truncate Subject Distinguished Name fields and subjectAltName
> extension values to the registerable domain name.
> The report SHALL be made available to the CAs Qualified Auditor for the
> next Audit Report.
> --
> Sigbjørn Vik
> Opera Software
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160127/5b04b2d1/attachment-0003.html>

More information about the Public mailing list