Before: Arbitrator EvaStöwe (A), Respondent: CAcert (R), Claimant: Felix D (C), Case: a20140624.2

History Log

Private Part

EOT Private Part

original Dispute

Discovery

When the bug is fixed, anybody who sees a further need for revocation could request this again, so that the last point could be evaluated further, if necessary. But fur the time being a revocation would not solve anything so it should not be done.

However software team is encouraged to inform users about according issues when they create according certificates via the system.

Ruling

1. As the bug is not fixed even about two years after filing the dispute it does not make sense to revoke certificates at the time being. No certificates should be revoked because of this bug until it is fixed.
2. The request to look up the number of affected certificates is rejected.
3. As neither the bug nor the dispute provide an indication that certificates with more than one wildcards may not be issued even as they SHOULD not be accepted by clients, no affected certificates should be revoked based on the bug even after the bug is fixed.
4. However, the last point was not evaluated deeply in this case. After the bug is fixed, another dispute for revocation of according certificates may be failed, if and only if proof is provided that such certificates are not allowed to be issued.
5. As no certificates will be removed, there is no need to inform those members specifically. Even as all members are encouraged to inform other members about possible issues regarding certificates.

Eva Stöwe 2016-06-21

Execution

Similiar Cases

to be done


Arbitrations/a20140624.2 (last edited 2016-06-21 20:54:51 by PietStarreveld)