[cabfpub] On the use of misuse - and the necessity to remove it

Ryan Sleevi sleevi at google.com
Fri Jun 8 05:51:00 MST 2018 

I'm not sure - can you explain why you think putting it in 4.9 would be
consistent with 3647?

I think the goal is to have a consistent place that all Subscribers and
Relying Parties can expect things. 3647 provides for that in Section 1.4.
I'm not sure why we'd want to permit and/or - that seems like it creates
more work for everyone?

On Fri, Jun 8, 2018 at 8:07 AM, Adriano Santoni <
adriano.santoni at staff.aruba.it> wrote:

> More explicitly, with reference to RFC 3647, I'd suggest that a
> description of what the CA means by "misuse" (or an equivalent term or
> expression) should be found in §1.4 and/or §4.9 of the CA's CPS.
>
> Il 08/06/2018 13:52, Ryan Sleevi ha scritto:
>
> Could you expand a bit more?
>
> One of the concerns raised by multiple browsers, but particularly
> articulated by Wayne, was that CAs are documenting things all over, and so
> it's difficult for consumers to know where it will be documented. Do you
> currently document it, and in a different section?
>
> It was an explicit goal of Ballot 217 to ensure that CAs are following the
> 3647 format, and as Moudrick highlighted, that's already got a dedicated
> section for that purpose. If you did want to place information in
> additional places, that's certainly possible - but it means your example
> 1.4.2 would say something like
>
> "Certificates issued under this policy shall not be used for hazardous
> environments requiring fail-safe controls, including without limitation,
> the design, construction, maintenance or operation of nuclear facilities,
> aircraft navigation or communication systems, air traffic control, and life
> support or weapons systems. Further, certificates issued under this policy
> may not be used for the purposes defined in Appendix A"
>
> Does that sound... reasonable?
>
>
> On Fri, Jun 8, 2018 at 7:37 AM, Adriano Santoni <
> adriano.santoni at staff.aruba.it> wrote:
>
>> I'd prefer not to restrict the sections of the CA's CP/CPS where the
>> definition of "misuse" (or "misused") is to be found:
>>
>> 4.9.1.1 (future)
>> "4. The CA obtains evidence that the Certificate was misused, as defined
>> by the CA's CP/CPS;"
>>
>>
>> Il 08/06/2018 12:54, Ryan Sleevi ha scritto:
>>
>> 4.9.1.1 (future)
>> "4. The CA obtains evidence that the Certificate was misused, as defined
>> by Section 1.4.1 and 1.4.2 of the CA's CP/CPS;"
>>
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20180608/fca16949/attachment.html>

More information about the Public mailing list