It’s a good time to do it, too, since after governance reform, we want to be able to quickly know which certificates are in scope for which working groups.
We discussed this at a few F2Fs. -Tim From: Ryan Sleevi [mailto:[email protected]] Sent: Thursday, April 12, 2018 1:54 PM To: Jeff Ward <[email protected]> Cc: Tim Hollebeek <[email protected]>; CA/Browser Forum Public Discussion List <[email protected]> Subject: Re: [cabfpub] Applicability of BRs to Client Authentication certificates On Thu, Apr 12, 2018 at 1:45 PM, Jeff Ward <[email protected] <mailto:[email protected]> > wrote: If 7.1.2.3.f is ignored, it is less confusing, but there is still potential ambiguity as to what ‘authenticating a server accessible through the Internet’ means. It would be best if the BRs clearly specified the technical characteristics of identifying a certificate that is ‘in-scope’. In that regard, I think we're in violent agreement. Root Programs have undertaken this to some extent, but it would be good to revisit clarification, hopefully now that more CAs are aware of the problems posed.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
