From f61814473a1340774aec4022a6cbfe1fa2616458 Mon Sep 17 00:00:00 2001 From: Aaron Gable Date: Thu, 15 Aug 2024 11:00:28 -0700 Subject: [PATCH] Use the singular even more --- docs/BR.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/BR.md b/docs/BR.md index ca43f346..abae18b3 100644 --- a/docs/BR.md +++ b/docs/BR.md @@ -1369,12 +1369,11 @@ A certificate serial is "unassigned" if it is not "assigned". The following SHALL apply for communicating the status of Certificates and Precertificates which include an Authority Information Access extension with an id-ad-ocsp accessMethod. -Effective 2025-01-15, an authoritative OCSP response for a Subscriber Certificate MUST be available (i.e. the responder MUST NOT respond with the "unknown" status) starting no more than 15 minutes after the Certificate or corresponding Precertificate is published or otherwise made available. - OCSP responders operated by the CA SHALL support the HTTP GET method, as described in RFC 6960 and/or RFC 5019. The CA MAY process the Nonce extension (`1.3.6.1.5.5.7.48.1.2`) in accordance with RFC 8954. -For the status of Subscriber Certificates: +For the status of a Subscriber Certificate or its corresponding Precertificate: +- Effective 2025-01-15, an authoritative OCSP response MUST be available (i.e. the responder MUST NOT respond with the "unknown" status) starting no more than 15 minutes after the Certificate or Precertificate is published or otherwise made available. - For OCSP responses with validity intervals less than sixteen hours, the CA SHALL provide an updated OCSP response prior to one-half of the validity period before the nextUpdate. - For OCSP responses with validity intervals greater than or equal to sixteen hours, the CA SHALL provide an updated OCSP response at least eight hours prior to the nextUpdate, and no later than four days after the thisUpdate.