[cabf_validation] CRL Validity Interval Ballot

Wayne Thayer wthayer at gmail.com
Thu Oct 7 17:33:59 UTC 2021


Here is a draft of the ballot that we discussed on today's call to clarify
the maximum permitted validity interval of a CRL in the BRs. I've gone
ahead and reserved a ballot number and inserted Tim as the proposer and
Trev and Kati as endorsers.

*BALLOT SC52: Specify Validity Interval of CRLs*
PURPOSE OF BALLOT

Ballot SC31 included a clarification of the maximum allowed validity
interval for OCSP responses in section 4.9.10 of the Baseline Requirements.
A similar ambiguity has been identified in section 4.9.7 for the validity
interval of CRLs. This ballot better specifies the maximum validity
interval for CRLs issues after 1-Feb-2022 by applying the language from
section 4.9.10 to CRLs.

The following motion has been proposed by Tim Hollebeek of DigiCert and
endorsed by Trevoli Ponds-White of Amazon and Kati Davids of GoDaddy.
MOTION BEGINS

This ballot modifies the “Baseline Requirements for the Issuance and
Management of Publicly-Trusted Certificates” (“Baseline Requirements”),
based on Version 1.8.0:
MODIFY the Baseline Requirements as specified in the following Redline:
https://github.com/cabforum/servercert/compare/main...wthayer:ballot-SC52
(NOTE:
THIS LINK NEEDS TO BE UPDATED TO REFERENCE SPECIFIC COMMITS IN THE FINAL
BALLOT)
MOTION ENDS

This ballot proposes a Final Maintenance Guideline. The procedure for
approval of this ballot is as follows:
Discussion (7+ days)

Start Time: TBD
End Time: TBD
Vote for approval (7 days)

Start Time: TBD
End Time: TBD
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20211007/669b4842/attachment.html>


More information about the Validation mailing list