On 11/30/2017 02:34 PM, Richard Barnes wrote: > As Jacob points out, CAs are already required to keep around CSRs in > audit logs.
You missed an important nuance: CAs are not required to keep around CSRs in an online database for live querying on the web. It is much more expensive to store a CSR in a performant database than a rarely-accessed log. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
