Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Draft Version 0.4 publishing #573

Merged
merged 74 commits into from
Feb 26, 2019
Merged

Draft Version 0.4 publishing #573

merged 74 commits into from
Feb 26, 2019

Conversation

lachellel
Copy link
Contributor

Version 0.3 wasn't published to the live site. Changes in this PR inclusive of Version 0.3 and 0.4 for public and team reviews.

  • Removal of CRLs as required for the issuing CA(s)
  • Updates for CAB Forum ballots
  • Removal of enterprise RAs
  • Removal of CT requirements in policy (staged for future incorporation - chicken/egg challenge with audits)
  • Other

Kenneth Myers and others added 30 commits May 24, 2018 14:45
Add Infrastructure Cert Type
357d140 
This commit defines a new Certificate type, infrastructure certificates, to address issue #519. This commit will update a Delegated OCSP Responder Certificates from a Subscriber Certificate to this new Infrastructure Certificate type.
@lachellel
minor updates for ocsp certs and infrastructure designation
0c6ba5a
@lachellel
Merge pull request #520 from uspki/Infrastructure-Cert-type
131a9c5 
Add Infrastructure Cert Type
@lachellel
removing enterprise RAs, closes #526
b87c7fd
@lachellel
updates to section 2 for #528 and #506; closes #528; closes #506
36a0448
@lachellel
updated subordinate ca names to have a space; closes #509
8f03676
@lachellel
updated section 1.5.4 for #529
151b878
@lachellel
updated definitions and references; added whois; rearranged rfc refer…
0c16881 
…ence order; closes #524
@lachellel
editorial and reference updates for ballot 220; closes issue #522
d03cfe9
@lachellel
moving revision history; #538
1bf5608
@lachellel
updated certificate profiles for clarity on serial number size and en…
6938806 
…tropy; closes #510
@lachellel
updated certificate profiles aand section 7.1.5 for the mandatory inc…
cebd736 
…lusion of c=US and nameconstraints
@lachellel
section 3.2.2 updates for #507; countryName required
8989ff0
@lachellel
addition of CAA record changes in 3.2.2.8 and section 4 for #521
bb8b8be
@lachellel
removing most CT requirements for #535; CT requirements will be added…
c7e44c8 
… back as a change proposal after first CP release
@lachellel
fixes #532 updated navigation, updated version number for policy header
04d1f59
@lachellel
added the 0.2 release to background page
746e486
@lachellel
fixing some formatting in the additions
73cdad5
@lachellel
updated subordinate ca profile to add the ocsp eku and fixed mistakes…
426ef66 
… in 3.2.2
@lachellel
updated ocsp response profile to fix stray shouting shall statement
d072cfc
@lachellel
updated section 1.2 to replace the tbd uri
a0b59a3
@lachellel
the pdf form of v0_3
b091a9c 
pdf
@lachellel
fixed formatting in certificate policy, changed config and header to …
1af5ea2 
…use relative uri for pdf download
@lachellel
Merge pull request #540 from uspki/draftRev3
88b7df7 
Draft rev3
@lachellel
updated 7.1.5 to restrict DirName to only one #507
b3d2b5e
@debcooley
debs updates
bf142d2 
mostly editorial changes
@debcooley
fewer typos
dce460c 
These might be more controversial....
@debcooley
Section 4 edits
f9d29db 
pretty benign
@debcooley
Section 6.5.1 changes
fe26478 
First 2 paragraphs are covered in Section 5.2.3

Remote access is clearly not required for the Root CA, and the subordinate CA CPS states that it is disabled.  I don't believe this is something we want to encourage.
@debcooley
Section 6.6 and 6.7 changes
a6d83d6
debcooley and others added 29 commits December 12, 2018 10:46
@debcooley
vulnerability scan requirements
3c6bb0f 
I consolidated and de-conflicted requirements for vulnerability scanning.  Added requirements to 5.4.8 and removed them from 6.6.3
@lachellel
Merge pull request #558 from debcooley/patch-7
ff4bdf9 
vulnerability scan requirements
@lachellel
section 1 updates for crl #556
d6c490d
@lachellel
section 2 updates for crl #556:
1a9d6d2
@lachellel
section 4 updates for crl #556
9d09383
@lachellel
section 5.7.3 updates for crl #556
c34c5ad
@lachellel
server auth cert profile update for clr #556
fcacbdb
@lachellel
section 5.8 update for crl #556
718fda2
@lachellel
added DR requirements back to section 5.7.1; fixes #555
0044051
Update README.md
d674d7e 
Updated to address Issue #561.
Update for SC13
d9f7b76 
The only two methods supported by the USPKI TLS is method 6 and 7. Fixes #559
Update for SC12
0ed480f 
Disallow underscore in dnsName entries.
Update for SC12
f2f758f
Update for SC12
79d0841
Change Must to Shall
8fa2c0b
Change Must to Shall
8397ace
Update Revision Table
0b47776
Update for SC14
3a99b3b
Update for SC06
f289961 
Fixes #552 
- Section 4.9.1.1 | Added a revocation reason for subscriber certificates due to demonstration of subscriber private key compromise.
- Section 4.9.3 | Require clear instructions be provided in CPS Section 1.5.2.
- Section 4.9.5 | Update for new 24 hour reporting timeline and remove activity requirements based on CRL issuance time.
- Appendix A | Definition of Key compromise matches.
Merge pull request #563 from uspki/sc6
6a167e6 
Integrate changes from SC06
Merge pull request #564 from uspki/sc12
81cfb41 
Integrate changes from SC12
Merge branch 'sc14' into sc13
463451a
Merge pull request #565 from uspki/sc13
170f286 
Integrate changes from SC13
Merge branch 'draftRev4' into sc14
49527a4
@lachellel
updated for SC06
8a39df5 
modified 4.9.1.1
updated 4.9.5
@lachellel
Merge pull request #566 from uspki/sc14
6046840 
Integrate changes from SC06, SC12, SC13, and SC14
@lachellel
Update certificate-policy.md
0eeeca8 
to satisfy the grammar police
@lachellel
Merge pull request #567 from uspki/draftRev4
337954d 
certificate policy updates (rev4)
@lachellel
Merging preview website updates to master (#572)
07d3f45 
* Draft rev4 website (#571)

* updated config for version; updated comment page for versions

* updated version and date for cover page

* editorial change to remove accidental periods at the end the domain validation method section numbers

* typo in section 6.5.1

* typo in 7.1.6.1

* pdf version of 0_4 cp

* updated config

* broken link on comment page

quick fix
@lachellel lachellel merged commit 41ed1c7 into policy-pages Feb 26, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lachellel @weirdscience @debcooley