Reviewer: Stefan Santesson Review result: Ready This document is well written and in general I do not have any comment on the content beyond the previous reviews. One thing do come to my mind though. A common aspect of standards documents is that they only are relevant to those who declare compliance to the standard. This document is different as it relies on that all parties (CA:s) are aware of this standard and performs the stipulated checks. In the end I assume that this may affect relying parties and how they determine wether a particular certificate is valid, even if that is not the intention of this standard. I sort of miss a discussion on this in the security considerations section. But that is nothing that should prevent this document from being accepted.
