Typically the rationale for the URI is so that the a CA can satisfy it's
legal counsel that
potential relying parties have been informed, via the URI, of the
presence of a CPS, and
that RPs who care can download and read it before maknig use of the
certs issued by the CA.
Its a CYA mechanism.
Steve
0) Based on the assumption that draft-newton-sidr-policy-qualifiers will
be adopted
i simply do not understand the utility of that draft
either no one ever sees the urls, or they are a malware attack vector.
randy
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
