<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:新細明體;
panose-1:2 2 5 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@新細明體";
panose-1:2 1 6 1 0 1 1 1 1 1;}
@font-face
{font-family:"Lucida Sans Unicode";
panose-1:2 11 6 2 3 5 4 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"純文字 字元";
margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
span.a
{mso-style-name:"純文字 字元";
mso-style-priority:99;
mso-style-link:純文字;
font-family:"Calibri",sans-serif;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
/* Page Definitions */
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=ZH-TW link="#0563C1" vlink="#954F72" style='text-justify-trim:punctuation'><div class=WordSection1><p class=MsoNormal><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Sans Unicode",sans-serif;color:#333333;background:white'>Chunghwa Telecom votes “Yes” on NS-003. Thanks.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Sans Unicode",sans-serif;color:#333333;background:white'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Sans Unicode",sans-serif;color:#333333;background:white'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Sans Unicode",sans-serif;color:#333333;background:white'><o:p> </o:p></span></p><p class=MsoNormal style='text-indent:63.0pt'><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Sans Unicode",sans-serif;color:#333333;background:white'>Li-Chun Chen<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:9.0pt;font-family:"Lucida Sans Unicode",sans-serif;color:#333333;background:white'> Chunghwa Telecom </span><span lang=EN-US><o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US>-----Original Message-----<br>From: Netsec <netsec-bounces@cabforum.org> On Behalf Of Ryan Dickson via Netsec<br>Sent: Tuesday, April 30, 2024 4:57 AM<br>To: Clint Wilson <clintw@apple.com>; CABF Network Security WG <netsec@cabforum.org><br>Subject: [</span><span style='font-family:"新細明體",serif'>外部郵件</span><span lang=EN-US>]Re: [cabf_netsec] Voting Period Begins | Ballot NS-003: Restructure the NCSSRs</span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US>Google votes "Yes" on NS-003.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US>On Tue, Apr 23, 2024 at 11:59</span><span lang=EN-US style='font-family:"Cambria Math",serif'> </span><span lang=EN-US>AM Clint Wilson via Netsec <<a href="mailto:netsec@cabforum.org%20%3cmailto:netsec@cabforum.org"><span style='color:windowtext;text-decoration:none'>netsec@cabforum.org <mailto:netsec@cabforum.org</span></a>> > wrote:<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Ballot NS-003 is proposed by Clint Wilson of Apple and endorsed by Trevoli Ponds-White of Amazon and David Kluge of Google Trust Services.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Purpose of Ballot<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> This ballot proposes a comprehensive restructuring of the Network and Certificate System Security Requirements (NCSSRs), excepting Section 4. The current structure of the document has proven to be challenging for creating ballots, contains duplicated requirements, and separates similar requirements across the document. These issues have led to inefficiencies in managing and implementing security standards. Therefore, this proposal aims to streamline the document's structure, eliminate redundancies, improve comprehensibility, and enhance clarity and coherence.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Reasons for Proposal:<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> * Complexity in Ballot Creation: The current document structure can make it difficult to create and manage ballots efficiently, leading to somewhat awkward updating processes, abandoned ballots, and a lack of confidence that ballots effect the intended changes.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> * Redundancy: Over time, some parts of the NCSSRs have touched on the same topic, leading to some duplication across the document and further to confusion and inconsistency in implementation.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> * Fragmentation: Similar requirements for different parts of a CA</span><span lang=EN-US style='font-family:"Courier New"'>’</span><span lang=EN-US>s NCSSR-relevant infrastructure are scattered throughout the document, making it somewhat more difficult for to locate and comprehend a complete picture of these requirements effectively.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> * Minor Issues: The document contains other, more minor issues that also impede its usability and effectiveness, such as missing definitions, unclear list structures, and requirements that are more optional than they may currently appear.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Benefits of the Updated Document Structure:<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> * Enhanced Clarity: The revised structure should improve the clarity and coherence of the document, making the requirements it represents easier to understand, as well as result in greater consistency when implementing or assessing its security requirements.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> * Future Updates: A more granular document structure should improve the process of creating and managing ballots in the future. Similarly, the improved proximity of related requirements should hopefully aid in identifying the areas the NCSSRs can most benefit from further attention.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> * Grouping and De-duplication of Similar Requirements: By consolidating duplicated requirements, the updated document should make it much easier to find, comprehend, assess, and implement related requirements.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> * Clearer Recommendations: The updated document includes a number of additional </span><span lang=EN-US style='font-family:"Courier New"'>“</span><span lang=EN-US>SHOULD</span><span lang=EN-US style='font-family:"Courier New"'>”</span><span lang=EN-US>-type stipulations, clarifying some of the language in the current NCSSRs such that it</span><span lang=EN-US style='font-family:"Courier New"'>’</span><span lang=EN-US>s easier to identify where the NCSSRs impose a strict requirement as opposed to a strong recommendation.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Overall, this ballot proposal seeks to address existing challenges in updating the current version of the NCSSRs and pave the way for future improvements to the NCSSRs.<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> MOTION BEGINS<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> This ballot modifies the </span><span lang=EN-US style='font-family:"Courier New"'>“</span><span lang=EN-US>Network and Certificate System Security Requirements</span><span lang=EN-US style='font-family:"Courier New"'>”</span><span lang=EN-US> as follows, based on version 1.7:<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> <a href="https://github.com/cabforum/netsec/compare/c62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e"><span style='color:windowtext;text-decoration:none'>https://github.com/cabforum/netsec/compare/c62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e</span></a> <<a href="https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fnetsec%2Fcompare%2Fc62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e&data=05%7C02%7Crealsky%40cht.com.tw%7C4754871dbe2c47e10f1e08dc688eedb1%7C54eb9440cf0345fe835e61bd4ce515c8%7C0%7C0%7C638500210295474559%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=WKNbjApmzhUIxkfDf8AEhxjX2%2B2j%2FoB9UQMM0GdqrO4%3D&reserved=0"><span style='color:windowtext;text-decoration:none'>https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fnetsec%2Fcompare%2Fc62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e&data=05%7C02%7Crealsky%40cht.com.tw%7C4754871dbe2c47e10f1e08dc688eedb1%7C54eb9440cf0345fe835e61bd4ce515c8%7C0%7C0%7C638500210295474559%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=WKNbjApmzhUIxkfDf8AEhxjX2%2B2j%2FoB9UQMM0GdqrO4%3D&reserved=0</span></a>> <o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> MOTION ENDS<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> The procedure for approval of this ballot is as follows:<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Discussion Period (14+ days)<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Start Time: 2024-April-09 16:00 UTC<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> End Time: 2024-April-23 15:59 UTC<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Voting Period (7 days)<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p><p class=MsoPlainText><span lang=EN-US> Start Time: 2024-April-23 16:00 UTC<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> End Time: 2024-April-30 16:00 UTC<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> _______________________________________________<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> Netsec mailing list<o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> <a href="mailto:Netsec@cabforum.org"><span style='color:windowtext;text-decoration:none'>Netsec@cabforum.org</span></a> <<a href="mailto:Netsec@cabforum.org"><span style='color:windowtext;text-decoration:none'>mailto:Netsec@cabforum.org</span></a>> <o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> <a href="https://lists.cabforum.org/mailman/listinfo/netsec"><span style='color:windowtext;text-decoration:none'>https://lists.cabforum.org/mailman/listinfo/netsec</span></a> <<a href="https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fnetsec&data=05%7C02%7Crealsky%40cht.com.tw%7C4754871dbe2c47e10f1e08dc688eedb1%7C54eb9440cf0345fe835e61bd4ce515c8%7C0%7C0%7C638500210295483773%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=%2BObriwSsf7qyaOXSKMfM%2FMmUf7EPTnqWfgMPnqCuzzU%3D&reserved=0"><span style='color:windowtext;text-decoration:none'>https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fnetsec&data=05%7C02%7Crealsky%40cht.com.tw%7C4754871dbe2c47e10f1e08dc688eedb1%7C54eb9440cf0345fe835e61bd4ce515c8%7C0%7C0%7C638500210295483773%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=%2BObriwSsf7qyaOXSKMfM%2FMmUf7EPTnqWfgMPnqCuzzU%3D&reserved=0</span></a>> <o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US> <o:p></o:p></span></p><p class=MsoPlainText><span lang=EN-US><o:p> </o:p></span></p></div></body></html>