<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:DengXian;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"\@DengXian";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:925459001;
mso-list-template-ids:-685894698;}
@list l0:level1
{mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level2
{mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level4
{mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level7
{mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l1
{mso-list-id:2091848230;
mso-list-template-ids:-179035972;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal>OK, the requirement to use the policy identifiers are in sections 9.3.3 and 9.3.4. For section 9.3.3, I will add some text to have a MUST at a later date (i.e., after 31 December 2021) for Timestamp certificates. For section 9.3.4, this is a MAY requirement, so no changes.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Thanks, Bruce.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b>From:</b> Sebastian Schulz <sebastian.schulz@globalsign.com> <br><b>Sent:</b> Friday, June 4, 2021 10:45 AM<br><b>To:</b> Bruce Morton <Bruce.Morton@entrust.com>; cscwg-public@cabforum.org; dzacharo@harica.gr<br><b>Subject:</b> RE: [Cscwg-public] [EXTERNAL] Re: CSWG Cleanup and Clarification Ballot<o:p></o:p></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span lang=EN-GB style='mso-fareast-language:EN-US'>Hey Bruce, <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><b><i><span style='color:#0070C0'>[BM – Can you itemize the items which you think CAs should be concerned? If we think something is significant, we could put in an effectivity date for those items.]</span></i></b><span lang=EN-GB style='mso-fareast-language:EN-US'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='mso-fareast-language:EN-US'>From our team there were some questions in regards to 9.3.1 (Timestamping OID). I think this needs an effective date and also clarification whether all active timestamping certs need to have this OID as of the effective date (meaning older certs without the OID would have to be replaced before the effective date), or only those that are issued as of the effective date would have to be issued with the OID (which is how I would have interpreted the change).<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='mso-fareast-language:EN-US'>Best,<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-GB style='mso-fareast-language:EN-US'>Seb<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><div><p class=MsoNormal><b><span style='font-family:"Arial",sans-serif;color:#666666;mso-fareast-language:EN-US'>Sebastian Schulz</span></b><span style='color:#1F497D;mso-fareast-language:EN-US'><br></span><i><span lang=EN-GB style='font-family:"Arial",sans-serif;color:#666666'>Product Manager Client Certificates</span></i><span style='mso-fareast-language:EN-US'><o:p></o:p></span></p></div><p class=MsoNormal><span lang=EN-GB style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b>From:</b> Cscwg-public <<a href="mailto:cscwg-public-bounces@cabforum.org">cscwg-public-bounces@cabforum.org</a>> <b>On Behalf Of </b>Bruce Morton via Cscwg-public<br><b>Sent:</b> 04 June 2021 15:52<br><b>To:</b> Dimitris Zacharopoulos (HARICA) <<a href="mailto:dzacharo@harica.gr">dzacharo@harica.gr</a>>; <a href="mailto:cscwg-public@cabforum.org">cscwg-public@cabforum.org</a><br><b>Subject:</b> Re: [Cscwg-public] [EXTERNAL] Re: CSWG Cleanup and Clarification Ballot<o:p></o:p></p></div></div><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><p class=MsoNormal><b><i><span style='color:#0070C0'>Hi Dimitris,<o:p></o:p></span></i></b></p><p class=MsoNormal><b><i><span style='color:#0070C0'><o:p> </o:p></span></i></b></p><p class=MsoNormal><b><i><span style='color:#0070C0'>Comments below.<o:p></o:p></span></i></b></p><p class=MsoNormal><b><i><span style='color:#0070C0'><o:p> </o:p></span></i></b></p><p class=MsoNormal><b><i><span style='color:#0070C0'>Bruce.<o:p></o:p></span></i></b></p><p class=MsoNormal><o:p> </o:p></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b>From:</b> Cscwg-public <<a href="mailto:cscwg-public-bounces@cabforum.org">cscwg-public-bounces@cabforum.org</a>> <b>On Behalf Of </b>Dimitris Zacharopoulos (HARICA) via Cscwg-public<br><b>Sent:</b> Friday, June 4, 2021 1:47 AM<br><b>To:</b> <a href="mailto:cscwg-public@cabforum.org">cscwg-public@cabforum.org</a><br><b>Subject:</b> [EXTERNAL] Re: [Cscwg-public] CSWG Cleanup and Clarification Ballot<o:p></o:p></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>WARNING: This email originated outside of Entrust.<br>DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.<o:p></o:p></p><div class=MsoNormal align=center style='text-align:center'><hr size=2 width="100%" align=center></div><p class=MsoNormal style='margin-bottom:12.0pt'><o:p> </o:p></p><div><p class=MsoNormal>On 2/6/2021 10:05 μ.μ., Bruce Morton via Cscwg-public wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal>Here is a draft markup of the cleanup and clarification ballot. We can discuss briefly in our call tomorrow. I am proposing that we have an in-depth discussion (~1 hour) at the virtual F2F meeting. Hopefully we can closed this draft at that time and allow us to move forward with the changes. I will also be looking for endorsers, so I can assign this ballot a number.<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal>If you have comments, please feel free to respond.<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p></blockquote><p class=MsoNormal><br>Hi Bruce,<br><br>As we discussed on our regular teleconference yesterday, I have two requests:<o:p></o:p></p><ol start=1 type=1><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo3'>In section 11.1.2, please update the text to "Qualified Certificates <u>for electronic signatures</u> issued pursuant to....". I realized that there are lots of types of "Qualified Certificates" but we're looking at eSignature Certificates for Natural Persons. In addition, I noticed that the term "personal Certificate" in the same paragraph, is not properly defined and is kind of ambiguous. We might want to clarify that this the CA expects a Certificate where the Subject information identifies a Natural Person. In case we are willing to accept Qualified Certificates for electronic seals, which are issued to Legal Entities, the group should discuss and decide. For now, allowing only eSignature Certificates is the safest approach. <b><i><span style='color:#0070C0'>[BM – Done]</span></i></b><o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo3'>In section 13.2.2 please remove the additional text regarding Certificate suspension. We can address that in a separate ballot. <b><i><span style='color:#0070C0'>[BM – Done]</span></i></b><o:p></o:p></li></ol><p class=MsoNormal style='margin-bottom:12.0pt'>During your review, you had a comment for section 9.3.3 indicating that<i> "This section may conflict with Appendix A. The requirement should be stated in one place. A reference may also be required"</i>. Indeed, we have similar language in Appendix A. Do you plan to address this comment in this ballot? I think it fits the "cleanup and clarification" nature. <b><i><span style='color:#0070C0'>[BM – I tried to make this simple by stating “Refer to certificate policy identification requirements in Section 9.3.3.” Does that work or should we make more edits?]</span></i></b><br><br>Finally, I want to highlight that although this ballot is labeled "cleanup and clarification", it does change some normative requirements so CAs should pay attention and read this ballot carefully for possible areas of concern. <b><i><span style='color:#0070C0'>[BM – Can you itemize the items which you think CAs should be concerned? If we think something is significant, we could put in an effectivity date for those items.]</span></i></b><br><br><br>Best regards,<br>Dimitris.<o:p></o:p></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal>Thanks, Bruce.<o:p></o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'><o:p> </o:p></p><pre>_______________________________________________<o:p></o:p></pre><pre>Cscwg-public mailing list<o:p></o:p></pre><pre><a href="mailto:Cscwg-public@cabforum.org">Cscwg-public@cabforum.org</a><o:p></o:p></pre><pre><a href="https://urldefense.com/v3/__https:/lists.cabforum.org/mailman/listinfo/cscwg-public__;!!FJ-Y8qCqXTj2!L6GV5_ELF4E-YxkWOg95YTvEdMxNdXJSxU0h9cxG1OxqwKdaBXYSNbvXVnH0sYaz7nc$">https://lists.cabforum.org/mailman/listinfo/cscwg-public</a><o:p></o:p></pre></blockquote><p class=MsoNormal><o:p> </o:p></p></div></body></html>