[cabfpub] Preballot - Revised Ballot 190

Ryan Sleevi sleevi at google.com
Wed May 17 16:36:28 UTC 2017

On Wed, May 17, 2017 at 12:28 PM, Gervase Markham <gerv at mozilla.org> wrote:

> On 17/05/17 17:24, Ryan Sleevi via Public wrote:
> > Would you (and Jeremy and Gerv) be receptive to including this in
> >
> I have no objection; although would it have an effect on achievable
> implementation timelines?

Start with a SHOULD with a MUST timelines in the future :)

> > There did not appear to be any objections raised on the list - simply a
> > discussion related to policy OIDs versus an extension, but the the
> > extension provides a semantically valid approach that minimizes any
> > changes to CA infrastructure.
> People with more expertise than me can make the call as to which way to
> do it :-)

Yeah, policy OID would require reissuing intermediates to be
meaningful/effective/interoperable (e.g. Microsoft ADCS requires policy
OIDs in leaves are contained within their issuing intermediate), whereas
ADCS can be 'easily' extended (via ICertServerPolicy
example code
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170517/0561bc43/attachment-0003.html>

More information about the Public mailing list