On Sun, Oct 16, 2016 at 07:38:29AM -0700, Nick Lamb wrote: > On Sunday, 16 October 2016 08:59:13 UTC+1, Adrian R. wrote: > > They rolled back the revocation, but i thought that the BRs explicitly > > forbid that a suspended/revoked certificate be un-suspended/un-revoked. > > I don't know whether the exact text permits this, but it seems from a common > sense point of view that what happened here wasn't a revoked certificate > being unrevoked, but instead a technical fault resulted in the creation of > Bad OCSP responses for a period of time by mistake for certificates > GlobalSign never actually revoked.
As far as I understood things, it was also in the CRL. Kurt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
