i read in the news (but not here on m.d.s.p) that a few days ago Globalsign 
revoked one of their intermediary roots and then un-revoked it (well, the 
revocation is accidental, but it was still a properly announced revocation, via 
signed CRL and OCSP).


They rolled back the revocation, but i thought that the BRs explicitly forbid 
that a suspended/revoked certificate be un-suspended/un-revoked.


is this revival/un-revocation of an intermediary CA allowed by the BRs?

Adrian R.

(p.s. can we call this revived certificate a zombie? :) )

(off-topic note: sigh, was intending not to post here again because news relay 
servers that strip DKIM signatures will generate a lot of DMARC failure reports 
for rejected messages. oh well.)
dev-security-policy mailing list

Reply via email to