Re: Digest for public@ccadb.org - 1 update in 1 topic

252 views

Skip to first unread message

Adrian Mueller

unread,

Mar 13, 2023, 8:09:13 AM3/13/23

to pub...@ccadb.org

Dear Ben,

Thank you for bringing up this topic. Concerning the sentence “We have previously instructed CAs that when there is no CRL, they should put an empty JSON array in this field, "[]" I have the following question (please excuse my ignorance):

To which case does the sentence refer to?

The CA does not issue a CRL at all (e.g. because it relies on OCSP only or because it issues short-lived certificates for which no revocation services are provided).
The CA issues a full CRL only, no partitioned CRLs are issued and therefore no array of partitioned CRLs is provided.

Thanks in advance for your answer.

Best regards

Adrian

Adrian M. Mueller

Product Manager Certificate Services

+41 43 811 05 97

adrian....@swisssign.com

Am Sa., 11. März 2023 um 05:40 Uhr schrieb <pub...@ccadb.org>:

pub...@ccadb.org Google Groups

Topic digest
View all topics

Empty JSON Array of Partitioned CRLs - 1 Update

Empty JSON Array of Partitioned CRLs

Ben Wilson <bwi...@mozilla.com>: Mar 10 12:22PM -0700

All,
The CCADB currently has a field titled, "JSON Array of Partitioned CRLs".
We have previously instructed CAs that when there is no CRL, they should
put an empty JSON array in this field, "[]". A problem has arisen when
this field is populated via API. When this notation for an empty array is
submitted to the CCADB via API, it is dropped. So, I'm wondering whether we
should adopt some other, consistent notation that will work with the API
and for everyone who might use the information from this field in the
CCADB. (I don't like the idea of just leaving this field empty, because
that is the default when no information has been provided by the CA.)
Any advice is appreciated.
Thanks,
Ben

Back to top

You received this digest because you're subscribed to updates for this group. You can change your settings on the group membership page.
To unsubscribe from this group and stop receiving emails from it send an email to public+un...@ccadb.org.

-----------------------

Adrian MUELLER

Tel: +41 79 502 53 45

Ben Wilson

unread,

Mar 13, 2023, 10:46:17 AM3/13/23

to Adrian Mueller, pub...@ccadb.org

Hi,

The JSON array field is used, at least, for the first example - no CRLs.

For the second one, the "Full CRL" field in the CCADB should be populated.

Feel free to follow up with additional questions.

Ben

--
You received this message because you are subscribed to the Google Groups "CCADB Public" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public+un...@ccadb.org.
To view this discussion on the web visit https://groups.google.com/a/ccadb.org/d/msgid/public/CAPO7BzBmcB6x423ioMwNq4Nn%3Dgh3PoVZkK__EQ%2Br9J7qROGz1A%40mail.gmail.com.

Reply all

Reply to author

Forward

0 new messages