On 17/10/16 16:08, Jakob Bohm wrote:
> 5) OneCRL, even if it was checked by other projects, is an arbitrary
> hodgepodge of CA revocations, SubCA revocations and selected end-cert
> revocations, that cannot possibly match the policies of anyone except
> its maintainers.
Once fully deployed (soon), it will be all CA revocations, all
intermediate revocations, and selected high-profile end-entity cert
revocations. That is the design goal, and we are working towards it.
dev-security-policy mailing list