MozillaWiki

CA/Required or Recommended Practices: Difference between revisions

Page Discussion

CA/Required or Recommended Practices (view source)

Revision as of 17:52, 12 February 2019

78 bytes removed ,  12 February 2019
Deleted the line about support GET, since Mozilla does not support/use it.
m (made new bullet point less restrictive. It'll be updated again by Wayne after discussion in m.d.s.p)
(Deleted the line about support GET, since Mozilla does not support/use it.)
Line 169: Line 169:
As per the [https://www.cabforum.org/documents.html CA/Browser Forum’s Baseline Requirements]:
As per the [https://www.cabforum.org/documents.html CA/Browser Forum’s Baseline Requirements]:
# The OCSP URI must be provided in the certificate, except when OCSP stapling is used. (sections 7.1.2.2, 7.1.2.3)
# The OCSP URI must be provided in the certificate, except when OCSP stapling is used. (sections 7.1.2.2, 7.1.2.3)
# CAs SHALL support an OCSP capability using the GET method. (section 4.9.10)
# OCSP Responders SHALL NOT respond “Good” for Unissued Certificates. (section 4.9.10)
# OCSP Responders SHALL NOT respond “Good” for Unissued Certificates. (section 4.9.10)
# OCSP Responses shall be updated at least every four days and have a maximum expiration time of ten days (section 4.9.10)
# OCSP Responses shall be updated at least every four days and have a maximum expiration time of ten days (section 4.9.10)
Kathleen Wilson
Confirmed users, Administrators
5,526

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1207639"