[Servercert-wg] OCSP Nonce RFC9654
Tomas Gustavsson
Tomas.Gustavsson at keyfactor.com
Fri Oct 4 14:47:50 UTC 2024
Right, I don't think it's high priority either. Just though since the BRs says "MAY comply with RFC 8954", it might as well be updated to RFC9654.
Cheers,
Tomas
________________________________
From: Tim Hollebeek
Sent: Friday, October 04, 2024 4:23 PM
To: Tomas Gustavsson; CA/B Forum Server Certificate WG Public Discussion List
Subject: RE: OCSP Nonce RFC9654
I mean, we could, but I don’t think it’s a particularly high priority. That RFC makes some small clarifications to corner cases involving a corner case. I’m not sure it’s all that relevant to the WebPKI, unless someone points out a reason we need it.
-Tim
From: Servercert-wg <servercert-wg-bounces at cabforum.org> On Behalf Of Tomas Gustavsson via Servercert-wg
Sent: Friday, October 4, 2024 3:05 AM
To: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Subject: [Servercert-wg] OCSP Nonce RFC9654
BRs have in section 4.9.10:
OCSP responders operated by the CA SHALL support the HTTP GET method, as described in RFC 6960 and/or RFC 5019. The CA MAY process the Nonce extension (1.3.6.1.5.5.7.48.1.2) in accordance with RFC 8954.
RFC9654,https://www.rfc-editor.org/rfc/rfc9654.txt, updates RFC8954.
Should the BRs be updated for the new RFC?
Cheers,
Tomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20241004/0e09d507/attachment-0001.html>
More information about the Servercert-wg
mailing list