On Sun, Oct 16, 2016 at 07:38:29AM -0700, Nick Lamb wrote:
> On Sunday, 16 October 2016 08:59:13 UTC+1, Adrian R. wrote:
> > They rolled back the revocation, but i thought that the BRs explicitly
> > forbid that a suspended/revoked certificate be un-suspended/un-revoked.
> I don't know whether the exact text permits this, but it seems from a common
> sense point of view that what happened here wasn't a revoked certificate
> being unrevoked, but instead a technical fault resulted in the creation of
> Bad OCSP responses for a period of time by mistake for certificates
> GlobalSign never actually revoked.
As far as I understood things, it was also in the CRL.
dev-security-policy mailing list