[Federation] Historical Keys Response: Reason_code: Define own keywords, remove X.509 CRL (RFC 5280) dependency

Comments (7)

1. 

   Giuseppe De Marco

   I fully agree, it looks like a weak pointer to something that cannot be reused as it is.

   we can therefore propose a similar mapping, we can define it as “inspired” by rfc5280, with same number but different labels.
   since the labels are equivalent but not the same, I suggest to definitively abandon the camel case and use the snake case

   For instance

   caCompromise → ta_compromise
certificateHold → suspended
removeFromCRL → reactivated

   and more

   unspecified → unspecified
keyCompromise → key_compromise

   affiliationChanged → affiliation_changed
superseded → superseded
cessationOfOperation → cessation_of_operation
privilegeWithdrawn → privilege_withdrawn
aACompromise → aa_compromise

   WDYT?

   • 2024-04-04T21:30:49+00:00
2. 

   Michael Jones

   I agree with doing this.

   • 2024-04-04T22:11:22+00:00
3. 

   Vladimir Dzhuvinov reporter

   What is aa_compromise supposed to mean?

   ‌

   • 2024-04-05T14:38:43+00:00
4. 

   Giuseppe De Marco

   aACompromise is a reason code that can be used in a Certificate Revocation List (CRL) to indicate that a certificate is being revoked 
   because of a compromise or suspected compromise of the authority (AA) that issued the certificates. 

   This authority could be a Registration Authority (RA) or a subordinate Certificate Authority (CA) that assists in the management and issuance of certificates.

   • 2024-04-05T15:05:28+00:00
5. 

   Giuseppe De Marco

   • assigned issue to
     
     Giuseppe De Marco

   • 2024-04-05T15:09:47+00:00
6. 

   Giuseppe De Marco

   • changed milestone to Implementer's Draft

   • 2024-04-05T15:53:14+00:00
7. 

   Giuseppe De Marco

   Here the PR that aims to resolve this issue
   https://bitbucket.org/openid/connect/pull-requests/724

   • 2024-04-15T22:07:52+00:00
8. Log in to comment