Ballot 80 – Response for Non-Issued Certificates (Passed)
Yngve Pettersen made the following motion and Ben Wilson and Carsten Dahlenkamp endorsed it:
… Motion begins….
Effective 1 Feb 2013
Insert a new section at the end of section 13.2 of the Baseline Requirements with the following heading and text:
“13.2.6 Response for non-issued certificates
If the OCSP responder receives a request for status of a certificate that has not been issued, then the responder SHOULD NOT respond with a “good” status. The CA SHOULD monitor the responder for such requests as part of its security response procedures.
Effective 1 August 2013, OCSP responders MUST NOT respond with a “good” status for such certificates.”
The ballot review period comes into effect at 21:00 UTC on 19 July 2012 and will close at 21:00 UTC on 26 July 2012. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 21:00 UTC on 2 August 2012. Votes must be cast by posting an on-list reply to this thread.
… Motions ends …
A vote in favor of the motion must indicate a clear ‘yes’ in the response.
A vote against must indicate a clear ‘no’ in the response. A vote to abstain must indicate a clear ‘abstain’ in the response. Unclear responses will not be counted. The latest vote received from any representative of a voting member before the close of the voting period will be counted.