[cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

Gervase Markham gerv at mozilla.org
Thu Apr 20 15:57:25 UTC 2017

On 20/04/17 16:42, Ryan Sleevi wrote:
> So requirements about data gathering apply both when it is gathered and
> reused. Requirements about data reuse apply when it is reused. And so on.

Hmm. I see your point. On the other hand, if we adopt this method, we
run into the problem I mentioned on the call - people will resist any
improvements to data gathering, because it automatically invalidates all
existing data.

So I think the answer is that data gathering and data reuse are an
unusual case of two dependent activities, and the effect of a change in
the gathering rules upon whether or not you can reuse old data should be
specified every time. (I guess there could be a default.)

For other activities, like issuance, the activity stands alone and my
originally-specified rules apply.


More information about the Public mailing list