> That said, I'm not confident I know the impact of the change to 7.5 (the OCSP > stuff) as I've not gone looking at code nor thought about any ops issues that > could arise, but it looks reasonable for sure, so is probably ok unless > someone yells.
I just re-read the document, particularly 7.5. I'd move the two CRL bullets together (i.e., "and the last shall be second" as it were). And in the second (to become third) bullet, I think the privacy issues are particularly important for non-heavy-traffic web servers, so I'd remove that whole when close at the end of the first sentence. But other than those two minor quibbles, it looks very good. +1 ( I was pleasantly surprised to see my name in sec 8 :) -- Principal Security Engineer, Akamai Technologies IM: [email protected] Twitter: RichSalz _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
