On 17/10/16 16:08, Jakob Bohm wrote: > 5) OneCRL, even if it was checked by other projects, is an arbitrary > hodgepodge of CA revocations, SubCA revocations and selected end-cert > revocations, that cannot possibly match the policies of anyone except > its maintainers.
Once fully deployed (soon), it will be all CA revocations, all intermediate revocations, and selected high-profile end-entity cert revocations. That is the design goal, and we are working towards it. Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
