Confirm, administrator
5,526
edits
Changes
Incorporating feedback
== Tools for Requesting Revocation ==
Tools that the CA provides to the certificate subscriber MUST allow for these options to be easily specified when the certificate subscriber requests revocation of their TLS end-entity certificate.
* No reason providedor unspecified (RFC 5280 CRLReason #0)
** This MUST be the default value in tools provided by the CA.
** Certificate subscribers are not required to provide a revocation reason, unless their private key has been compromised.
* keyCompromise (RFC 5280 CRLReason #1)
* affiliationChanged (RFC 5280 CRLReason #3)
* superseded (RFC 5280 CRLReason #4)
* cessationOfOperation (RFC 5280 CRLReason #5)
<br>
