uspki/policies

Editorial Edits for Draft v0.3 (AF)

Closed this issue · 0 comments

Edits for Draft v0.3 submitted by AF.

  • Section 4.9.11

    • The RFC reference for OSCP stapling is obsolete. RFC 6066 replaced RFC 4366.
    • Update the reference from RFC 4366 to RFC 6066.
  • Section 5.4.1

    • First sentence lists Domain Validation TLS Certificate twice. It should be Domain Validation and Organization Validation.
    • Update to cover both Domain Validation and Organization Validation TLS Certificates.
  • Section 5.4.8

    • Risk assessments should not only identify threats, and assess the likelihood and impact, but also identify methods to handle the risk (e.g., mitigations).
    • Recommend adding: 4) Address any risk where the likelihood and impact warrant taking actions to mitigate or remove the risk.
  • Section 7.1.6.3

    • Incorrect word usage in statement "One of more of the …"
    • Change "of" to "or"
  • Section 7.1.6.4 (1)

    • The statement "One US Government reserved … " is missing language prior to "US Government …"
    • Insert "of the" prior to "US Government" for statement to read "One of the US Government reserved policy object identifiers …"
  • Section 9.6.1

    • In the fifth bullet, the word evidence is misspelled.
    • Correct from evidence to evidence.