On Wed, Aug 10, 2022 at 11:13:11AM -0500, Matthew Hardeman wrote: > Assuming that the subscriber agreement provided for an annual fee for > certificates issued under the agreement, or incorporated such contractual > terms with the subscriber, it seems like revocation for privilegeWithdrawn > would be the correct code. It also appears that Mozilla's new policy would > allow for that in the bullet under privilegeWithdrawn which reads "the CA > operator is made aware that the certificate subscriber has violated one or > more of its material obligations under the subscriber agreement or terms of > use".
I suppose so. It's dissapointing, it allows CAs to use revocation as a sabre to rattle to keep subscribers acquiescent. > Presumably the use case here is providing a certificate with max > permissible validity for ease of install/maintenance but billing for said > certificate on a subscription basis without requiring full payment for the > period up front? Sure, "protection racket" is such an ugly term :) Tavis. -- _o) $ lynx lock.cmpxchg8b.com /\\ _o) _o) $ finger [email protected] _\_V _( ) _( ) @taviso -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20220810172355.GA23189%40thinkstation.cmpxchg8b.net.
