On Wed, Aug 09, 2017 at 04:21:19PM +0200, Jakob Bohm via dev-security-policy
> On 08/08/2017 20:46, Alex Gaynor wrote:
> > It's from the BRs 220.127.116.11:
> > The CA SHALL revoke a Certificate within 24 hours if one or more of
> > the following occurs:
> > It's also not a penalty on the CA, it's a remediation step for them to
> > undertake.
> It is a disruption and penalty to the 3rd party certificate holder to
> have their certificate suddenly revoked due to a bureaucratic mistake at
> the CA.
If a certificate holder feels that they have been materially damaged as a
result of their CA's negligence, they should take that up with the CA.
dev-security-policy mailing list