Hi Dimitris, The Apple Root Program intends to use this field for all certificates in the future, but our focus at the moment is on non-TLS certificates, so this change aligns well for us right now.
Cheers! -Clint > On Aug 4, 2021, at 12:37 AM, Dimitris Zacharopoulos <[email protected]> wrote: > > > > On 20/7/2021 12:39 π.μ., Kathleen Wilson wrote: >> Renamed the ‘Pertaining to Certificates Issued by this CA’ section to >> ‘Pertaining to Non-TLS Certificates Issued by this CA’. Also updated the >> corresponding help text and the instructions at www.ccadb.org/cas/fields to >> indicate that these full CRL fields are currently intended for the full CRLs >> pertaining to Non-TLS certificates. > > Dear Kathleen, > > Does this mean that this field must be populated for CAs that are not > technically capable of issuing a TLS Certificate (i.e. Technically > Constrained in line with section 7.1.5 of the BRs)? > > If I recall correctly, the Apple Root Program requires this field to be > populated for CAs issuing TLS Certificates and it made sense to extend it for > all CAs. Does this change also align with the Apple Root Program that also > uses CCADB? > > > Thanks, > Dimitris. > > -- > You received this message because you are subscribed to the Google Groups > "[email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/1fa515ca-bbf9-2ef6-8aac-6fe1682ee9f6%40it.auth.gr. -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/7B94F18D-970B-42D1-9319-E4AE6B8C8166%40apple.com.
smime.p7s
Description: S/MIME cryptographic signature
