Changes

CA/Revocation Reasons

337 bytes added, 23:50, 12 April 2022

continued drafting text

* TO DO

== OCSP ~~and CRL~~ ==The [https://cabforum.org/baseline-requirements-documents/ CA/Browser Forum Baseline Requirements] say they following about CRLReasons in OCSP:* Section 7.3: ''Effective 2020‐09‐30, the CRLReason indicated MUST contain a value permitted for CRLs, as specified in Section 7.2.2.''* Section 7.3.2: ''The singleExtensions of an OCSP response MUST NOT contain the reasonCode (OID 2.5.29.21) CRL entry extension.''

TO DO

* Address questions about consistency between OCSP and CRL revocation reason codes for a certificate. (Not required by Mozilla)

* BR section 7.3.2 says: “The singleExtensions of an OCSP response MUST NOT contain the reasonCode (OID 2.5.29.21) CRL entry extension.”

* Answer question about certificateHold in OCSP responses per RFC 6960?

BRs section 7.2.2: '' the CRLReason MUST NOT be certificateHold''

== Banned Revocation Reasons ==

Kathleen Wilson

Confirm, administrator

5,526

edits

Changes

CA/Revocation Reasons

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools