[cabfpub] Ballot 213 - Revocation Timeline Extension
Gervase Markham
gerv at mozilla.org
Wed Sep 6 16:00:48 UTC 2017
On 06/09/17 16:53, Wayne Thayer via Public wrote:
> I can accept this interpretation, but I do think that most emails (lacking a digital signature or shared secret) fall into this bucket.
Do we need to have a discussion about appropriate ways to validate
revocation requests?
If the customer has an account of some sort, presumably they could log
in and request a revocation, and perhaps an email request would be met
with a response asking them to do so. But if there is no account?
Gerv
More information about the Public
mailing list