[cabf_validation] More Certificate Policy Weirdness

Ryan Sleevi sleevi at google.com
Tue Mar 16 22:48:42 UTC 2021


As I was working through profiles, I stumbled on some additional tricky
issues related to the current rules of Certificate Policies, which I've
documented at https://github.com/cabforum/servercert/issues/254

I believe the two suggestions I offer in the issue are natural/logical
consequences of our existing requirements (i.e. they do not
impose/introduce new requirements, but clarify existing ones), but I'd
appreciate feedback from folks to know if they disagree with that.

Happy to discuss on-list or on GitHub, but wanted to draw folks' attention
to it. My current plan is to make the proposed changes now, and we can
continue to discuss as part of the profiles work, but I'll continue to
update and adjust based on feedback if there are
concerns/questions/confusion.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20210316/4ac5df96/attachment.html>


More information about the Validation mailing list