> Let me explain a bit more: Shall a CA receive a valid and trustworthy request > for deletion of an account/authorization, the CA must totally erase any trace > of data regarding that account
Speaking as a WG chair, I disagree. EU data retention, like US Calea laws, are outside the scope of the protocol. > CAs follow the best interests of the users, don't they? As commercial vendors, their shareholders should come first. Speaking as an individual, I support the MR. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
