[cabf_validation] Enterprise RA and EV CRL Checking
Bruce Morton
Bruce.Morton at entrust.com
Wed Feb 23 19:39:05 UTC 2022
I have a couple of low priority items which I would just like to table.
Enterprise RA and Enterprise EV RA
* BR Enterprise RA definition - An employee or agent of an organization unaffiliated with the CA who authorizes issuance of Certificates to that organization.
* EVG Enterprise EV RA definition - An RA that is authorized by the CA to authorize the CA to issue EV Certificates at third and higher domain levels.
* Although EVG has added "EV" to the definition, the EVGs never reference "Enterprise EV RA", but only " Enterprise RA".
* As I assume that the CAs use the Enterprise RA to perform the same function, can we consolidate the definition and only include the definition in the BRs?
EV CRL Checking:
* EVG 13 states "CAs MUST ensure that CRLs for an EV Certificate chain can be downloaded in no more than three (3) seconds over an analog telephone line under normal network conditions."
* This requirement was in draft 11 in 2007. I believe that it was added to support dial up Windows users.
* Is it possible that we could drop this requirement and only require BR 4.9?
Thanks, Bruce.
Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20220223/3dba5ce5/attachment.html>
More information about the Validation
mailing list