These certificates were issued prior to September 15th, 2023, so they do not need to follow the current BRG profile.
If they were issued on or after September 15th, they would not be in alignment with the BRG OCSP responder certificate profile, as they include the nonRepudiation KU value and certificate policies extension. Thanks, Corey From: [email protected] <[email protected]> On Behalf Of Peter Mate Erdosi Sent: Tuesday, January 16, 2024 12:34 PM To: [email protected] Subject: Compliance question about OCSP responder certificates Dear all, I found the following, what is your opinion, do these OCSP Responder certificates comply with BRG (especially 7.1.2.8.7 OCSP Responder Key Usage) or not? https://ntc.pki.gov.pk/repository/cert/NTC_TLS_CA_OCSP_-_2023.cer https://ntc.pki.gov.pk/repository/cert/NTC_EV_TLS_CA_OCSP_-_2023.cer Many thanks for any answers! Best Regards, Peter -- You received this message because you are subscribed to the Google Groups "[email protected] <mailto:[email protected]> " group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected] <mailto:[email protected]> . To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/fc37cbb4-10a1-42cd-be2b-2b8aedcf136an%40mozilla.org <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/fc37cbb4-10a1-42cd-be2b-2b8aedcf136an%40mozilla.org?utm_medium=email&utm_source=footer> . -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/DM6PR14MB218625842C29E88495570F6D92732%40DM6PR14MB2186.namprd14.prod.outlook.com.
smime.p7s
Description: S/MIME cryptographic signature
