> Is the intention that historic revocations (i.e., revocation entries that > first appeared on a CRL prior to the policy effective date) must be > reviewed and updated, or is this requirement applicable only to those > revocations performed after the new policy becomes effective? > I have added a new first paragraph to the draft policy <https://docs.google.com/document/d/1ESakR4MiwyENyuLefyH2wG8rYbtnmG1xeSYvDNpS-EI/edit?usp=sharing>, which says:
"This section applies to revocations that are performed after <effective date TBD>. Revocation entries that appeared on a CRL prior to <effective date TBD> do NOT need to be changed as a result of this section." Thanks, Kathleen -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/6e9579b0-5791-4130-8eb8-ac7d624622can%40mozilla.org.
