[cabfpub] On the use of misuse - and the necessity to remove it

Adriano Santoni adriano.santoni at staff.aruba.it
Fri Jun 8 05:07:28 MST 2018 

More explicitly, with reference to RFC 3647, I'd suggest that a 
description of what the CA means by "misuse" (or an equivalent term or 
expression) should be found in §1.4 and/or §4.9 of the CA's CPS.


Il 08/06/2018 13:52, Ryan Sleevi ha scritto:
> Could you expand a bit more?
>
> One of the concerns raised by multiple browsers, but particularly 
> articulated by Wayne, was that CAs are documenting things all over, 
> and so it's difficult for consumers to know where it will be 
> documented. Do you currently document it, and in a different section?
>
> It was an explicit goal of Ballot 217 to ensure that CAs are following 
> the 3647 format, and as Moudrick highlighted, that's already got a 
> dedicated section for that purpose. If you did want to place 
> information in additional places, that's certainly possible - but it 
> means your example 1.4.2 would say something like
>
> "Certificates issued under this policy shall not be used for hazardous 
> environments requiring fail-safe controls, including without 
> limitation, the design, construction, maintenance or operation of 
> nuclear facilities, aircraft navigation or communication systems, air 
> traffic control, and life support or weapons systems. Further, 
> certificates issued under this policy may not be used for the purposes 
> defined in Appendix A"
>
> Does that sound... reasonable?
>
>
> On Fri, Jun 8, 2018 at 7:37 AM, Adriano Santoni 
> <adriano.santoni at staff.aruba.it 
> <mailto:adriano.santoni at staff.aruba.it>> wrote:
>
>     I'd prefer not to restrict the sections of the CA's CP/CPS where
>     the definition of "misuse" (or "misused") is to be found:
>
>     4.9.1.1 (future)
>     "4. The CA obtains evidence that the Certificate was misused, as
>     defined by the CA's CP/CPS;"
>
>
>
>     Il 08/06/2018 12:54, Ryan Sleevi ha scritto:
>>     4.9.1.1 (future)
>>     "4. The CA obtains evidence that the Certificate was misused, as
>>     defined by Section 1.4.1 and 1.4.2 of the CA's CP/CPS;"
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20180608/6795c08d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4025 bytes
Desc: Firma crittografica S/MIME
URL: <http://cabforum.org/pipermail/public/attachments/20180608/6795c08d/attachment-0001.p7s>

More information about the Public mailing list