On Mar 5, 2013, at 5:47 PM, Randy Bush <[email protected]> wrote: >> Typically the rationale for the URI is so that the a CA can satisfy >> it's legal counsel that potential relying parties have been informed, >> via the URI, of the presence of a CPS, and that RPs who care can >> download and read it before maknig use of the certs issued by the CA. >> >> Its a CYA mechanism. > > it is an arin disease that opens the user to malware attack. just say > no.
Randy - Feel free to omit the URI to the CPS in certs that you issue, but that should not preclude others from including them so if they so desire. Thanks! /John John Curran President and CEO ARIN _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
