[cabfpub] Revocation Timeframe Ballot Language

Ben Wilson ben.wilson at digicert.com
Tue May 2 23:23:25 UTC 2017


All,



Attached is a redlined Word doc containing sections 4.9.1.1 and 4.9.5 of the  Baseline Requirements.  To provide greater flexibility when revoking certificates, I am proposing that we remove the 24-hour revocation requirement from section 4.9.1.1 and replacing it with a criteria-based process found in section 4.9.5.  Section 4.9.5 (Time within which CA Must Process the Revocation Request) would read:



The CA SHALL begin an investigation of the facts and circumstances related to a Certificate Problem Report or other revocation-related notice within one business day of receipt. After reviewing the facts and circumstances, the CA SHALL work with any entity reporting the Certificate Problem Report or other revocation-related notice to establish a date when the CA will revoke the Certificate or take whatever other appropriate action is warranted. The date selected by the CA SHOULD consider the following criteria:

1. The nature of the alleged problem (scope, context, severity, magnitude, risk of harm);

2. The consequences of revocation (direct and collateral impacts to Subscribers and Relying Parties);

3. The number of Certificate Problem Reports received about a particular Certificate or Subscriber;

4. The entity making the complaint (for example, a complaint from a law enforcement official that a Web site is engaged in illegal activities should carry more weight than a complaint from a consumer alleging that she didn't receive the goods she ordered); and

5. Relevant legislation.





Ben



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170502/2b0fdd75/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Revocation-Time-Revision-Ballot.doc
Type: application/msword
Size: 33792 bytes
Desc: Revocation-Time-Revision-Ballot.doc
URL: <http://cabforum.org/pipermail/public/attachments/20170502/2b0fdd75/attachment-0001.doc>


More information about the Public mailing list