[cabfpub] 9.6.3 and Private Key use
Josh Aas
josh at letsencrypt.org
Wed Jun 22 13:48:53 MST 2016
Works for me, thanks.
On Tue, Jun 21, 2016 at 9:36 AM, Ben Wilson <ben.wilson at digicert.com> wrote:
> That works.
>
> -----Original Message-----
> From: Gervase Markham [mailto:gerv at mozilla.org]
> Sent: Tuesday, June 21, 2016 4:14 AM
> To: Ben Wilson <ben.wilson at digicert.com>; Josh Aas <josh at letsencrypt.org>; CABFPub <public at cabforum.org>
> Subject: Re: [cabfpub] 9.6.3 and Private Key use
>
> On 20/06/16 19:28, Ben Wilson wrote:
>> Reporting and Revocation: An obligation and warranty to: (a) promptly
>> cease using a Certificate and its associated Private Key if there is
>> any actual or suspected misuse or compromise of the Subscriber’s
>> Private Key associated with the Public Key included in the
>> Certificate; and (b) to promptly request the CA to revoke the
>> Certificate, in the event of (a), or if any information in the
>> Certificate is, or becomes, incorrect or inaccurate.
>
> This is definitely the right sentiment, although the (a) ... (b) ... (a) makes it a bit hard to parse. How about:
>
> Reporting and Revocation: An obligation and warranty to:
>
> (a) promptly request revocation of the Certificate, and cease using it and its associated Private Key, if there is any actual or suspected misuse or compromise of the Subscriber’s Private Key associated with the Public Key included in the Certificate; and
>
> (b) promptly request revocation of the Certificate, and cease using it, if any information in the Certificate is or becomes incorrect or inaccurate.
>
> Gerv
--
Josh Aas
Executive Director
Internet Security Research Group
Let's Encrypt: A Free, Automated, and Open CA
More information about the Public
mailing list