CA/Revocation Reasons: Difference between revisions

Jump to navigation Jump to search

CA/Revocation Reasons (view source)

Revision as of 23:55, 12 April 2022

490 bytes added ,  12 April 2022
continued drafting text
(continued drafting text)
(continued drafting text)
Line 28: Line 28:
* No reason provided
* No reason provided
** When the above reason codes do not apply to the revocation request, the certificate subscriber SHOULD NOT indicate a revocation reason.
** When the above reason codes do not apply to the revocation request, the certificate subscriber SHOULD NOT indicate a revocation reason.
Section 7.2.2 of the [https://cabforum.org/baseline-requirements-documents/ CA Browser Forum Baseline Requirements] says:
''If a reasonCode CRL entry extension is present, the CRLReason MUST indicate the most appropriate reason for revocation of the certificate, as defined by the CA within its CP/CPS.''
Therefore, the CA MUST ensure that their CP/CPS documents are in sync with their Subscriber Agreements in regards to appropriate reasons for revocation of TLS end-entity certificates.


== Tools for Requesting Revocation ==
== Tools for Requesting Revocation ==
Kathleen Wilson
Confirmed users, Administrators
5,526

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1241850"

Navigation menu