[Smcwg-public] Microsoft requirements for OCSP URLs in S/MIME certificates
Karina Sirota Goodley
Karina.Sirota at microsoft.com
Sun Oct 9 17:39:21 UTC 2022
Hi all,
In regards to the question of Microsoft requirements for OCSP URLs in S/MIME certificates, I had to do quite a bit of digging around the various teams across Microsoft. However, I can confirm that OCSP can be optional for any non-TLS certificate types. This includes S/MIME.
OCSP is not optional for TLS at this time. Thus, we will be changing our policy to : "All non-TLS end-entity certificates must contain an AIA extension with a valid OCSP URL". We will continue to investigate OCSP for TLS.
Best,
Karina Sirota Goodley
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20221009/9ea7dc2e/attachment.html>
More information about the Smcwg-public
mailing list