Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
SC-58: Require distributionPoint in sharded CRLs (#396)
* SC-XX: Require distributionPoint in sharded CRLs The language in RFC 5280 regarding the interaction between the distributionPoint field of the Issuing Distribution Point CRL extension and the existence of sharded CRLs has led to significant debate on interpretation, and appears to contradict X.509. To protect against replacement attacks, make it explicitly clear that the Issuing Distribution Point extension and distributionPoint field are required for sharded or partitioned CRLs. * Remind readers that the IDP must be critical * Change effective date to Jan 15 * Change effective date in Section 1.2 table, too
- Loading branch information