Subject: Policy-Discussion
List archive
- From: Ian G <iang AT cacert.org>
- To: cacert-policy AT lists.cacert.org
- Subject: Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments
- Date: Thu, 17 Nov 2011 09:00:36 +1100
- Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none
On 14/11/11 03:36 AM, Michael Tänzer wrote:
To get somewhere in the key extension issue I call for the following vote: It is resolved that the CPS section 7.1.2 is changed as stated on https://wiki.cacert.org/PolicyDrafts/CPSKeyUsageChanges Voting should be open for one week (i.e. until 2011-11-21) as it is merely technical details not a fundamental change to the policy. Regards, crlDistributionPoints=URI:<crlUri> following on from discussions in NewRootsTaskForce we have surmised whether to get rid of CRLs in the future, as OCSP gives us a much better mechansim to deal with disaster recovery. But this would also involve dropping CRLs. And not putting the URI in the certs. Whether this is a good thing or a bad thing I'm unsure, but I note that Baseline Requirements (Draft 50, which has just come out 2 hours ago) goes some way in this direction. http://www.gerv.net/temp/Baseline_Requirements_Draft_50.pdf section 13.2.2. OCSP is like SHALL, and CRLs are like an IF. Although the text is typically unclear.... iang PS: for NewRootsTaskForce, note the full text in that PDF above. PPS: for all; the intention is that BR will be a new compliance document applying to all CAs. It is being voted forward in CABForum in about 5 days. |
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, (continued)
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Pieter van Emmerik, 11/13/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, J. Steijlen, 11/14/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Jan Dittberner, 11/14/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Raoul Xavier Boerlage, 11/14/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Guillaume ROMAGNY, 11/14/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Bernhard Fröhlich, 11/15/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Lambert Hofstra, 11/15/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Martin Gummi, 11/24/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, hlehmbruch, 11/25/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Martin Gummi, 11/24/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Lambert Hofstra, 11/15/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, INOPIAE (Marcus), 11/16/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Ian G, 11/16/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Michael Tänzer, 11/16/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Ian G, 11/17/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Michael Tänzer, 11/17/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Ian G, 11/17/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Michael Tänzer, 11/16/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Sören Kornetzki, 11/17/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Bernd Jantzen, 11/20/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Morten Gulbrandsen (Java programmer), 11/20/2011
- Voting time extended: Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Michael Tänzer, 11/20/2011
- Re: Voting time extended: Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Andreas Bäß, 11/25/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Werner Dworak, 11/25/2011
- Re: p20111113 CPS #7.1.2 "Certificate Extensions" adjustments, Philipp Dunkel, 11/25/2011
Archive powered by MHonArc 2.6.16.