Again, I'm not a native speaker. I used "suspects", you use "believes". In my non-native-speaking-gut-feeling, the former is less certain than the latter. But I might be wrong of course.
There are cases where everything is clear: Somebody reports that a part of a certificate doesn't comply or that a key is compromised or a CAA-record wasn't checked => Revoke. There are also cases where it's not that clear because regulation isn't a mathematical definition and sometime leaves room for interpretation. Now, for one person it might be crystal clear, but for somebody else, there might me need for interpretation / discussion. > Are you saying that a CA shouldn’t act on that belief until someone else > discovers the issue? This is exactly the kind of question that is very difficult for me to answer. I never intended to say anything like that. I wanted to point out the chilling effect the current discussions are having. Rgds Roman From: [email protected] <[email protected]> On Behalf Of Mike Shaver Sent: Mittwoch, 19. Juni 2024 14:32 To: public <[email protected]> Subject: Re: Revocation necessity: subjective or objective On Wed, Jun 19, 2024 at 2:56 AM Roman Fischer <[email protected]<mailto:[email protected]>> wrote: If reporting a suspected mis-issuance has the effect that revocation is expected, then I fear this will stifle CAs willingness to report. It's the chilling effect that we IMHO already see in current ongoing discussions. ☹ I admit that I'm also at a point where I rather keep quiet than voicing my opinion. Apologies, but I think I don’t quite understand what you’re saying here. What do you think should happen if a CA believes that they have mis-issued certificates, if not revocation? Are you saying that a CA shouldn’t act on that belief until someone else discovers the issue? Mike -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/ccadb.org/d/msgid/public/CADQzZqtviFH_zcn16QXg1We%3Dx40DFgbBo8_rY5KA5b4WgVKSEQ%40mail.gmail.com<https://groups.google.com/a/ccadb.org/d/msgid/public/CADQzZqtviFH_zcn16QXg1We%3Dx40DFgbBo8_rY5KA5b4WgVKSEQ%40mail.gmail.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/ccadb.org/d/msgid/public/ZR0P278MB0170D9125C439B01C946932CFACF2%40ZR0P278MB0170.CHEP278.PROD.OUTLOOK.COM.
