On 17/10/16 16:08, Jakob Bohm wrote:
> 5) OneCRL, even if it was checked by other projects, is an arbitrary
>   hodgepodge of CA revocations, SubCA revocations and selected end-cert
>   revocations, that cannot possibly match the policies of anyone except
>   its maintainers.

Once fully deployed (soon), it will be all CA revocations, all
intermediate revocations, and selected high-profile end-entity cert
revocations. That is the design goal, and we are working towards it.

Gerv

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to