Hi Ryan,

On 10/04/17 17:03, Ryan Sleevi wrote:
> 2) You stated that "browsers didn't process certificate policy extensions
> content during path building". This fails to clarify whether you believe it
> was a Baseline Requirements violation, which makes no such statements
> regarding policy building. Further, no such browser has, except for EV,
> made use of any policy IDs beyond path building.

Can you clarify: are you asking if Steve believes that the BRs require
_browsers_ to do such processing of certificate policy extensions?

Or are you asking him if he believes that including such extensions in
the cross-cert was a BR violation?

Or if he believes that cross-certifying into a hierarchy which relies
upon such extensions is a BR violation?

Or something else? :-)

dev-security-policy mailing list

Reply via email to