Confirm, administrator
5,526
edits
Changes
m
added clarification
* Expects CAs to follow the [https://cabforum.org/baseline-requirements-documents/ BRs]
* Does not expect [https://www.mozilla.org/projects/security/certs/policy/ Mozilla Root Store Policy] section 6.1.1, "End-Entity TLS Certificate CRLRevocation Reasons", to also apply to OCSP responses
* Does not expect the OCSP responses response and CRLs CRL for a certificate to contain the same revocation reason code for each certificate
* Does not do anything special for an OCSP response indicating certificateHold
