To help CAs and any other interested parties track compliance with MRSP Version 2.8's CRL disclosure requirement (https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#41-additional-requirements) before the October 1st deadline, I've updated https://crt.sh/mozilla-disclosures to flag in-scope Intermediate Certificates for which both the "Full CRL Issued By This CA" and "JSON Array of Partitioned CRLs" fields are empty in the corresponding CCADB records.
https://crt.sh/mozilla-disclosures#disclosureincomplete shows each affected Intermediate Certificate, with the message '"Full CRL Issued By This CA" or "JSON Array of Partitioned CRLs" is required'. https://crt.sh/mozilla-disclosures#disclosureincompletesummary shows a summary of the same information, grouped by Root Owner. -- Rob Stradling Senior Research & Development Scientist Sectigo Limited -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/MW4PR17MB472956903A43D2975E52D7DEAA519%40MW4PR17MB4729.namprd17.prod.outlook.com.
