Nick Lamb <> writes:

>Although we'd usually say "contract" means a signed piece of paper the law
>considers that just an artefact, a contract is the "meeting of minds"
>requiring both parties to understand and agree on its terms. That's why
>tricking someone into signing works in the movies but not so much in real
>life. Likewise I think an OCSP "Bad" response, though we'd colloquially call
>it a revocation is only a technical artefact, actual revocation is a decision
>by the Issuer.

Man, that's convoluted logic!  I recently read a paper on the use of language
to make civilians killable ("imminent threat", "signature strikes", and so
on), and even the military lawyers would have to read that paragraph about
three times, possibly accompanied by a few beers, to see how it justified what
was done.

Why not take the easier way out, that since "ISO/IEEE/ETSI/CABF write
guidelines and recommendations, which you're free to follow or not",
Globalsign is free to follow (or not) the BRs, and in this case it can choose
not to (if indeed that's what it's done).

>Does that make sense?

Possibly, but I think my way's easier :-).

dev-security-policy mailing list

Reply via email to