Just to be clear: My initial proposal was simply to indicate "All information in this certificate has been validated in accordance with the explicit methods in Version X"
That is, even if information is reused, that the information was compatible with version X. If version X+1 or X+3 changes things substantially - but still permits reuse of Version X data - then you'd continue to assert Version X. If Version X+3's validation was still compatible with Version X (perhaps it added a new method, or changed something unrelated), you could assert either X, X+1, X+2, or X+3 and still be in full compliance. Asserting X+3 is, of course, a stronger security assurance, but asserting X is still compliant/compatible :)
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
