Confirmed users, Administrators
5,526
edits
CA/Revocation Reasons: Difference between revisions
Jump to navigation
Jump to search
Incorporating feedback
(Incorporating feedback) |
(Incorporating feedback) |
||
| Line 45: | Line 45: | ||
== Tools for Requesting Revocation == | == Tools for Requesting Revocation == | ||
Tools that the CA provides to the certificate subscriber MUST allow for these options to be easily specified when the certificate subscriber requests revocation of their TLS end-entity certificate. | Tools that the CA provides to the certificate subscriber MUST allow for these options to be easily specified when the certificate subscriber requests revocation of their TLS end-entity certificate. | ||
* No reason provided | * No reason provided or unspecified (RFC 5280 CRLReason #0) | ||
** This MUST be the default value in tools provided by the CA. | ** This MUST be the default value in tools provided by the CA. | ||
** Certificate subscribers are not required to provide a revocation reason, unless their private key has been compromised. | ** Certificate subscribers are not required to provide a revocation reason, unless their private key has been compromised. | ||
* keyCompromise (RFC 5280 CRLReason #1) | * keyCompromise (RFC 5280 CRLReason #1) | ||
* affiliationChanged (RFC 5280 CRLReason #3) | * affiliationChanged (RFC 5280 CRLReason #3) | ||
* superseded (RFC 5280 CRLReason #4) | * superseded (RFC 5280 CRLReason #4) | ||
* cessationOfOperation (RFC 5280 CRLReason #5) | |||
<br> | <br> | ||