MRSP 3.1: Issue #299: Mass Revocation Planning Audits

[Ben Wilson]

All,

This email concerns the criteria for assessing the mass revocation planning efforts of CA operators in MRSP section 6.1.3, which was written prior to the adoption of TLS BR section 5.7.1.2 by CA/Browser Forum Ballot SC-89.

I am proposing that we address Issue #299, which is related to Issue #293 - eliminating duplication with CCADB/CABF BRs, by removing some requirements in section 6.1.3 that are now found in section 5.7.1.2 of the TLS BRs.  

Here is a GitHub comparison for your review and comment:  https://github.com/BenWilson-Mozilla/pkipolicy/commit/39c7e9eb8975a99a9314a0a2cea88ac9d255e19c.

The proposed change aligns evaluation of compliance with the CA operator’s standard TLS BR audit and removes the implication that a separate third-party assessment is required.

Please provide any comments or concerns.

Thanks,

Ben