Nelson B Bolyard wrote: > This is probably a policy question, but: are we willing to accept CAs > that use CRLs that we cannot parse?
I'd say no. > Does this CA also implement OCSP? Can we justify this on the grounds > that we do implement OCSP, and that OCSP will effectively displace CRLs > as the preferred revocation channel? I'd say no. Use of OCSP should not be made mandantory. Ciao, Michael. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
