MozillaWiki

CA/Root Store Policy Archive: Difference between revisions

Page Discussion

CA/Root Store Policy Archive (view source)

Revision as of 16:42, 29 April 2022

3 bytes removed ,  29 April 2022
m
→‎2.8: Minor
(Added section for MRSP v.2.8)
m (→‎2.8: Minor)
Line 13: Line 13:
** October 1, 2022:  New Section 6.1.1 - When an end entity TLS certificate (i.e. a certificate capable of being used for TLS-enabled servers) is revoked for one of the specified reasons below, the CRLReason MUST be included in the reasonCode extension of the CRL entry corresponding to the end entity TLS certificate.  
** October 1, 2022:  New Section 6.1.1 - When an end entity TLS certificate (i.e. a certificate capable of being used for TLS-enabled servers) is revoked for one of the specified reasons below, the CRLReason MUST be included in the reasonCode extension of the CRL entry corresponding to the end entity TLS certificate.  
** July 1, 2023: CAs SHALL NOT sign SHA-1 hashes over certificates with an EKU extension containing the id-kp-ocspSigning key purpose; intermediate certificates that chain up to roots in Mozilla's program; OCSP responses; or CRLs.
** July 1, 2023: CAs SHALL NOT sign SHA-1 hashes over certificates with an EKU extension containing the id-kp-ocspSigning key purpose; intermediate certificates that chain up to roots in Mozilla's program; OCSP responses; or CRLs.


* [https://github.com/mozilla/pkipolicy/pull/245/files List of changes and diff]
* [https://github.com/mozilla/pkipolicy/pull/245/files List of changes and diff]
Bwilson
Confirmed users
377

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1242138"