You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
...
CAs MAY provide OCSP responses for Code Signing Certificates and Timestamp Certificates for the time period specified in their CPS, which MAY be at least 10 years after the expiration of the certificate.
...
This seems to specify that CAs MAY keep OCSP responses for up to 10 years after expiration. However, for CRL, this is a MUST. Do we need cleanup /clarification of this language?
The text was updated successfully, but these errors were encountered:
4.9.10 currently reads:
...
CAs MAY provide OCSP responses for Code Signing Certificates and Timestamp Certificates for the time period specified in their CPS, which MAY be at least 10 years after the expiration of the certificate.
...
This seems to specify that CAs MAY keep OCSP responses for up to 10 years after expiration. However, for CRL, this is a MUST. Do we need cleanup /clarification of this language?
The text was updated successfully, but these errors were encountered: