Confirm, administrator
5,526
edits
Changes
m
Added further clarifications
#* The CA may revoke all certificates associated with that subscriber that contain that public key
#* The CA may block issuance of future certificates with that key for that subscriber
#* Unless the CA receives verifiable evidence of private key compromise the CA must not revoke all instances of that key across all other subscribers
# The certificate subscriber previously requested revocation without demonstrating possession of the private key, and later sends another revocation request which does demonstrate possession of the private key.
#* After receiving the revocation request with demonstrated possession of the private key, the CA must revoke all instances of that key across all subscribers
