<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
HARICA votes "yes" to ballot NS-003.<br>
<br>
<div class="moz-cite-prefix">On 23/4/2024 6:59 μ.μ., Clint Wilson
via Netsec wrote:<br>
</div>
<blockquote type="cite"
cite="mid:0100018f0baece44-62b65156-493f-431d-9e5b-7170d6bc1d9e-000000@email.amazonses.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Ballot
NS-003 is proposed by Clint Wilson of Apple and endorsed by
Trevoli Ponds-White of Amazon and David Kluge of Google Trust
Services.</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><b>Purpose
of Ballot</b></div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">This
ballot proposes a comprehensive restructuring of the Network and
Certificate System Security Requirements (NCSSRs), excepting
Section 4. The current structure of the document has proven to
be challenging for creating ballots, contains duplicated
requirements, and separates similar requirements across the
document. These issues have led to inefficiencies in managing
and implementing security standards. Therefore, this proposal
aims to streamline the document's structure, eliminate
redundancies, improve comprehensibility, and enhance clarity and
coherence.</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><u>Reasons
for Proposal:</u></div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">
<ul class="MailOutline">
<li><b>Complexity in Ballot Creation</b>: The current document
structure can make it difficult to create and manage ballots
efficiently, leading to somewhat awkward updating processes,
abandoned ballots, and a lack of confidence that ballots
effect the intended changes.</li>
<li><b>Redundancy</b>: Over time, some parts of the NCSSRs
have touched on the same topic, leading to some duplication
across the document and further to confusion and
inconsistency in implementation.</li>
<li><b>Fragmentation</b>: Similar requirements for different
parts of a CA’s NCSSR-relevant infrastructure are scattered
throughout the document, making it somewhat more difficult
for to locate and comprehend a complete picture of these
requirements effectively.</li>
<li><b>Minor Issues</b>: The document contains other, more
minor issues that also impede its usability and
effectiveness, such as missing definitions, unclear list
structures, and requirements that are more optional than
they may currently appear.</li>
</ul>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><u>Benefits
of the Updated Document Structure:</u></div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">
<ul class="MailOutline">
<li><b>Enhanced Clarity</b>: The revised structure should
improve the clarity and coherence of the document, making
the requirements it represents easier to understand, as well
as result in greater consistency when implementing or
assessing its security requirements.</li>
<li><b>Future Updates</b>: A more granular document structure
should improve the process of creating and managing ballots
in the future. Similarly, the improved proximity of related
requirements should hopefully aid in identifying the areas
the NCSSRs can most benefit from further attention.</li>
<li><b>Grouping and De-duplication of Similar Requirements</b>:
By consolidating duplicated requirements, the updated
document should make it much easier to find, comprehend,
assess, and implement related requirements.</li>
<li><b>Clearer Recommendations</b>: The updated document
includes a number of additional “SHOULD”-type stipulations,
clarifying some of the language in the current NCSSRs such
that it’s easier to identify where the NCSSRs impose a
strict requirement as opposed to a strong recommendation.</li>
</ul>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Overall,
this ballot proposal seeks to address existing challenges in
updating the current version of the NCSSRs and pave the way for
future improvements to the NCSSRs.</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><b>MOTION
BEGINS</b></div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">This
ballot modifies the “Network and Certificate System Security
Requirements” as follows, based on version 1.7:</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><a
href="https://github.com/cabforum/netsec/compare/c62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e"
moz-do-not-send="true" class="moz-txt-link-freetext">https://github.com/cabforum/netsec/compare/c62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e</a></div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><b>MOTION
ENDS</b></div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">The
procedure for approval of this ballot is as follows:</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><b><u>Discussion
Period</u></b> (14+ days)</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Start
Time: 2024-April-09 16:00 UTC</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">End
Time: 2024-April-23 15:59 UTC</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><b><u>Voting
Period</u></b> (7 days)</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"><br>
</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Start
Time: 2024-April-23 16:00 UTC</div>
<div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">End
Time: 2024-April-30 16:00 UTC</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Netsec mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Netsec@cabforum.org">Netsec@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/netsec">https://lists.cabforum.org/mailman/listinfo/netsec</a>
</pre>
</blockquote>
<br>
</body>
</html>