[cabfpub] Revocation Timeframe Ballot Language
Ben Wilson
ben.wilson at digicert.com
Tue May 2 23:23:25 UTC 2017
All,
Attached is a redlined Word doc containing sections 4.9.1.1 and 4.9.5 of the Baseline Requirements. To provide greater flexibility when revoking certificates, I am proposing that we remove the 24-hour revocation requirement from section 4.9.1.1 and replacing it with a criteria-based process found in section 4.9.5. Section 4.9.5 (Time within which CA Must Process the Revocation Request) would read:
The CA SHALL begin an investigation of the facts and circumstances related to a Certificate Problem Report or other revocation-related notice within one business day of receipt. After reviewing the facts and circumstances, the CA SHALL work with any entity reporting the Certificate Problem Report or other revocation-related notice to establish a date when the CA will revoke the Certificate or take whatever other appropriate action is warranted. The date selected by the CA SHOULD consider the following criteria:
1. The nature of the alleged problem (scope, context, severity, magnitude, risk of harm);
2. The consequences of revocation (direct and collateral impacts to Subscribers and Relying Parties);
3. The number of Certificate Problem Reports received about a particular Certificate or Subscriber;
4. The entity making the complaint (for example, a complaint from a law enforcement official that a Web site is engaged in illegal activities should carry more weight than a complaint from a consumer alleging that she didn't receive the goods she ordered); and
5. Relevant legislation.
Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170502/2b0fdd75/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Revocation-Time-Revision-Ballot.doc
Type: application/msword
Size: 33792 bytes
Desc: Revocation-Time-Revision-Ballot.doc
URL: <http://cabforum.org/pipermail/public/attachments/20170502/2b0fdd75/attachment-0001.doc>
More information about the Public
mailing list