On 17/10/16 16:08, Jakob Bohm wrote:
> 5) OneCRL, even if it was checked by other projects, is an arbitrary
>   hodgepodge of CA revocations, SubCA revocations and selected end-cert
>   revocations, that cannot possibly match the policies of anyone except
>   its maintainers.

Once fully deployed (soon), it will be all CA revocations, all
intermediate revocations, and selected high-profile end-entity cert
revocations. That is the design goal, and we are working towards it.


dev-security-policy mailing list

Reply via email to