On Fri, Feb 04, 2022 at 09:14:35PM +0000, Rob Stradling wrote: > You're right, Matt. Naming things is hard, but accurate naming is worth > striving for. I renamed it from Certificate Revocation Request (CRR) to > Key Compromise Request (KCR) just before I clicked send. I suppose > Certificate Revocation For Key Compromise Request (CRFKCR) would have been > a more accurate term; that just rolls off the tongue, doesn't it? 😉
Snappy name, indeed. I think that Certificate Revocation Request is a much better name for what Sectigo has cooked up there, because it is requesting revocation for a certificate. That you can tick a box that says "I assert that this key is compromised" as well is more of a side-effect. - Matt -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20220205005820.GC11647%40hezmatt.org.
