On 02/05/2009 04:03 PM, Frank Hecker:
I agree that it would be unusual for a CPS to state that certificate revocation could be done only at the request of the subscriber. However I *can* imagine a CPS where this would be ambiguous. For example, your StartCom CPS is very slightly ambiguous, since it states that "A certificate will be revoked ..." but doesn't explicitly state that it's StartCom that will be doing the revoking; it also doesn't contain any language about this being done regardless of the subscriber's feelings about the matter.
Fantastic! Isn't it interesting that there is always room for improvement? -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
