Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clarify CA Key Pair generation #23

Merged
merged 1 commit into from
May 27, 2020
Merged

Clarify CA Key Pair generation #23

merged 1 commit into from
May 27, 2020

Conversation

sleevi
Copy link
Owner

@sleevi sleevi commented May 26, 2020

Attempt to close cabforum#184

@sleevi
Copy link
Owner Author

sleevi commented May 26, 2020

@wthayer @timfromdigicert in case you had thoughts

@wthayer
Copy link
Collaborator

wthayer commented May 26, 2020

Thanks. Looks good to me.

@pfuentes69
Copy link

Any chance to consider removing the need to have an independent audit for technically-constrained subordinate CAs?

pfuentes69
pfuentes69 reviewed May 27, 2020
View reviewed changes
docs/BR.md Show resolved Hide resolved
@sleevi sleevi mentioned this pull request May 27, 2020
Open
@sleevi sleevi merged commit 4c92343 into 2020-04-01-Cleanups May 27, 2020
@sleevi sleevi deleted the sleevi-patch-3 branch May 27, 2020 15:09
@timfromdigicert
Copy link
Collaborator

Looks reasonable to me.

sleevi added a commit that referenced this pull request Jul 27, 2020
@sleevi
Clarify CA Key Pair generation (#23)
8988bcd 
Close cabforum#184
sleevi added a commit that referenced this pull request Jul 27, 2020
@sleevi
Clarify CA Key Pair generation (#23)
40970eb 
Close cabforum#184
sleevi added a commit that referenced this pull request Aug 25, 2020
@sleevi
Clarify CA Key Pair generation (#23)
ee4ad16 
Close cabforum#184
sleevi added a commit that referenced this pull request Nov 4, 2020
@dzacharo @sleevi
@CBonnell @clintwilson
SC35+SC28 (cabforum#224)
23c3cc6 
* Ballot SC28v6: Logging and Log Retention (cabforum#222)

Add SC28

* SC35: Cleanups and Clarifications (cabforum#208) (cabforum#223)

* Cleanup typos and issues from SC17

Closes cabforum#152

* Fix an incorrect reference from 3.2.5 to 3.2.2.5

Closes cabforum#155

* Fix typo: compliancy -> compliance

Closes cabforum#159

* Cleanup old effective date for CP/CPSes

Closes cabforum#161

* Update effective date for 3.2.2.4.6

Closes cabforum#163

* Move weak key lookups into 24-hour revocation

Closes cabforum#164

* Align Section 6.1.1.3 with 4.9.1.1

Closes cabforum#171

* Replace RFC 6844 with RFC 8659

Closes cabforum#168

* Clarify that revocation is permitted if required by CP/CPS/BRs

Closes cabforum#172

* Correct links to US gov't denial lists

Closes cabforum#76

* Add a definition for CA Key Pair

cabforum#127

* Clarify CA Key Pair generation (#23)

Close cabforum#184

* Attempt to clarify policy OIDs (#21)

Attempts to resolve cabforum#179 by introducing the term "Server Certificate" to distinguish from Subscriber Certificate (which may include Subordinate CAs), and to scope the requirements around identity information to only Server Certificates

* Fixup formatting issues in the PDF

* Fix issues spotted by Corey

Co-authored-by: Corey Bonnell <[email protected]>

* Cleanup EVG terminology

* Clarify organizationIdentifier contents

As requested by Mads from Buypass in https://archive.cabforum.org/pipermail/servercert-wg/2020-August/002148.html

* Apply further suggestions from Corey

Correct Subscriber -> Applicant in additional places

Co-authored-by: Corey Bonnell <[email protected]>

* Spelling, formatting, punctuation improvements (#31)

* Where a word was spelling multiple ways (e.g. organization & organisation) consolidate on whichever form is the majority used
* MD formatting improvements (e.g. 5 numeral headings updated to have 5 '#' instead of 4)
* More consistent punctuation in section headings (e.g. '3.2.2.4.*:' vs '3.2.2.4.*')
* More correct - I hope - extension values (e.g. extKeyUsage instead of extendedKeyUsage)
* Improved, but identical - I hope - terminology (e.g. key purposes instead of usages where context is id-kp-*)
* Various minor spelling corrections (e.g. jursidiction -> jurisdiction, Certifiation -> Certification, etc.)

Co-authored-by: Corey Bonnell <[email protected]>
Co-authored-by: Clint Wilson <[email protected]>

Co-authored-by: sleevi <[email protected]>
Co-authored-by: Corey Bonnell <[email protected]>
Co-authored-by: Clint Wilson <[email protected]>

* Update version numbers and cover pages.

* Update effective date to 2020-10-19.

* Update version for the cover page

Co-authored-by: sleevi <[email protected]>
Co-authored-by: Corey Bonnell <[email protected]>
Co-authored-by: Clint Wilson <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pfuentes69 pfuentes69 pfuentes69 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sleevi @wthayer @pfuentes69 @timfromdigicert