[Smcwg-public] [EXTERNAL]-Re: Use of the certificateHold CRLreason for leaf certificates

Russ Housley housley at vigilsec.com
Fri Sep 2 14:47:29 UTC 2022


> Unless I missed some message Tim said that and/or means “that it can be in the CP and the CPS, or just the CP, or just the CPS”. This is the same I said.

So, let's talk about the three cases:

1. "CP and the CPS": I am fine with that approach.

2. "or just the CP": This case is somewhat silly, but it does require suspension to be discussed in the CP, so I am fine.

3. "or just the CPS": I am arguing that this should not be allowed.

> Something to consider is that, eventually, the CP could state that the CA will stipulate the provisions around suspension in the CPS. 

The CP needs to say that suspension is allowed under the policy, and then the CPS should say how that is done.

> So all depends how the documents are written, but the key point here is that, for any kind of stipulation, CP and CPS must be consistent.

Of course the CP and CPS need to be consistent.


More information about the Smcwg-public mailing list