CA/Revocation Reasons: Difference between revisions

Jump to navigation Jump to search

CA/Revocation Reasons (view source)

Revision as of 21:15, 13 April 2022

13 bytes added ,  13 April 2022
Incorporating feedback
(Incorporating feedback)
(Incorporating feedback)
Line 98: Line 98:


== Banned Revocation Reasons ==
== Banned Revocation Reasons ==
The following revocation reason codes are banned for TLS end-entity certificates. Meaning that if revocation is for one of the following, then the reasonCode extension MUST NOT be provided for that entry in the CRL.
The CRL reasonCode extension MUST NOT contain any of the following reasons for TLS end-entity certificates. If revocation is for one of the following, then the reasonCode extension MUST NOT be provided for that entry in the CRL.
* unspecified (RFC 5280 CRLReason #0)
* unspecified (RFC 5280 CRLReason #0)
** Section 5.3.1 of RFC 5280 says: ''the reason code CRL entry extension SHOULD be absent instead of using the unspecified (0) reasonCode value''
** Section 5.3.1 of RFC 5280 says: ''the reason code CRL entry extension SHOULD be absent instead of using the unspecified (0) reasonCode value''
Kathleen Wilson
Confirmed users, Administrators
5,526

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1241877"

Navigation menu