BJ Cardon

I think this fits into our sets of lints nicely, we could even exclude OCSP/CRL lints by default.

I agree with @dadrian that the lints being non-deterministic and/or relying on what could be third party information makes them a better candidate for a separate group of lints. Also,...

What criteria would be make these lints applicable? Would they not run the cabf_br lints at all if they had the right EKU? This is a good question overall since...

I think that makes a lot of sense. In this case, the common base document would be the RFCs, right? Would these separate linting hierarchies _imply_ compliance with RFCs? Is...

> Like, the S/MIME WG could decide to reject RFC 5280 and adopt ITU-T's (incompatible) X.509, for example, in which case, S/MIME wouldn't run RFC lints at all. Ohhh, ok....

I definitely think it's a good idea to make a proposal branch so we can look at what the changes would be and validate that direction as the direction we...

Thanks for the feedback all. @sleevi The common root of `0.0.1.f.5.4.3.ip6.arpa` was validated using a DNS TXT Random Value. The Random Value was generated and set by the customer correctly...

Another scenario where the ambiguity is difficult is anywhere in the BRs where compliant participants `MUST` have a process for X or so forth, aka areas where no additional context...

@sleevi haha! I was thinking it's more like classic `CookieMonster` where you get all the cookies you want [unless you're being a bad boy](https://www.youtube.com/watch?v=W3ZHPJT2Kp4). 😉

I like that approach, it's kind of like an attestation for specific requirements that are Error scenarios without an attestation.