<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">SSC votes: "Yes".<br>
<br>
Thanks,<br>
M.D.<br>
<br>
On 10/10/2014 1:39 AM, Jeremy Rowley wrote:<br>
</div>
<blockquote
cite="mid:9e6f535f43464ee58b1e738517b4889b@EX2.corp.digicert.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
p.line874, li.line874, div.line874
{mso-style-name:line874;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
p.line862, li.line862, div.line862
{mso-style-name:line862;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">DigiCert
votes “Yes”<o:p></o:p></span></p>
<p class="MsoNormal"><a moz-do-not-send="true"
name="_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></a></p>
<div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">
<a class="moz-txt-link-abbreviated" href="mailto:public-bounces@cabforum.org">public-bounces@cabforum.org</a>
[<a class="moz-txt-link-freetext" href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>]
<b>On Behalf Of </b>Jeremy.Rowley<br>
<b>Sent:</b> Wednesday, October 1, 2014 5:37 PM<br>
<b>To:</b> CABFPub<br>
<b>Subject:</b> [cabfpub] Ballot 123 - Revisions to
former section 11.13<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I updated the email subject to make the
ballot easier to follow. Please comment on this email thread
instead of the other.<br>
<br>
<br>
<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hi
everyone,
<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">This
is the ballot from the EV working group that attempts to
clarify the language in 11.14 (11.13 previous to the
verified method of communication ballot) without changing
any of the requirements. Previous section 11.13 was
poorly organized with lots of semi-conflicting statements
on when data re-verification was required. Changes were
not tracked in this ballot as every single section was
moved or rewritten, making any comparison futile.<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">---------<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b>Ballot
123 – Reuse of Information</b><o:p></o:p></p>
<p>Revised Section 11.14 (previous 11.13) <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Jeremy
Rowley of DigiCert made the following motion, and Cecilia
Kam of Symantec and Joanna Fox of GoDaddy have endorsed
it.
<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Motion
Begins<o:p></o:p></p>
<p>Section 11.14 is amended to read as follows:<o:p></o:p></p>
<p class="line874"><b>11.14 Requirements on the Re-use of
Documentation </b><o:p></o:p></p>
<p class="line874">For each EV Certificate Request,
including requests to renew existing EV Certificates, the
CA MUST perform all authentication and verification tasks
required by these Guidelines to ensure that the request is
properly authorized by the Applicant and that the
information in the EV Certificate is still accurate and
valid. This section sets forth the age limitations on for
the use of documentation collected by the CA.
<o:p></o:p></p>
<p class="line874"><b>11.14.1 Validation For Existing
Subscribers </b><o:p></o:p></p>
<p class="line874">If an Applicant has a currently valid EV
Certificate issued by the CA, a CA MAY rely on its prior
authentication and verification of:
<o:p></o:p></p>
<p class="line874">(1) The Principal Individual verified
under Section 11.2.2 (4) if the individual is the same
person as verified by the CA in connection with the
Applicant’s previously issued and currently valid EV
Certificate;
<o:p></o:p></p>
<p class="line874">(2) The Applicant's Place of Business
under Section 11.4.1; <o:p>
</o:p></p>
<p class="line874">(3) The Applicant’s Verified Method of
Communication required by Section 11.5, provided that the
CA verifies the communications as required by Section
11.4.2 (2)(A);
<o:p></o:p></p>
<p class="line874">(4) The Applicant's Operational Existence
under Section 11.6; <o:p>
</o:p></p>
<p class="line874">(5) The Name, Title, Agency, and
Authority of the Contract Signer and Certificate Approver
under Section 11.8; and
<o:p></o:p></p>
<p class="line874">(6) The Applicant's right to use the
specified Domain Name under Section 11.7, provided that
the CA verifies that the WHOIS record still shows the same
registrant as when the CA verified the specified Domain
Name for the initial EV Certificate.
<o:p></o:p></p>
<p class="line874"><b>11.14.2 Re-issuance Requests </b><o:p></o:p></p>
<p class="line874">A CA may rely on a previously verified
certificate request to issue a replacement certificate, so
long as the certificate being referenced was not revoked
due to fraud or other illegal conduct, if:
<o:p></o:p></p>
<p class="line874">(1) The expiration date of the
replacement certificate is the same as the expiration date
of the EV Certificate that is being replaced, and
<o:p></o:p></p>
<p class="line874">(2) The Subject Information of the
Certificate is the same as the Subject in the EV
Certificate that is being replaced.
<o:p></o:p></p>
<p class="line874"><b>11.14.3 Age of Validated Data </b><o:p></o:p></p>
<p class="line874">(1) Except for reissuance of an EV
Certificate under Section 11.14.2 and except when
permitted otherwise under Section 11.14.1, the age of all
data used to support issuance of an EV Certificate (before
revalidation is required) SHALL NOT exceed the following
limits: <o:p></o:p></p>
<p class="line874">(A) Legal existence and identity –
thirteen months; <o:p></o:p></p>
<p class="line874">(B) Assumed name – thirteen months; <o:p></o:p></p>
<p class="line874">(C) Address of Place of Business –
thirteen months; <o:p></o:p></p>
<p class="line874">(D) Applicant's telephone number –
thirteen months; <o:p></o:p></p>
<p class="line874">(E) Operational existence – thirteen
months; <o:p></o:p></p>
<p class="line874">(F) Domain Name – thirteen months; <o:p></o:p></p>
<p class="line874">(G) Name, Title, Agency, and Authority–
thirteen months, unless a contract between the CA and the
Applicant specifies a different term, in which case, the
term specified in such contract controls. For example, the
contract MAY include the perpetual assignment of EV roles
until revoked by the Applicant or CA, or until the
contract expires or is terminated.
<o:p></o:p></p>
<p class="line874">(2) The thirteen-month period set forth
above SHALL begin to run on the date the information was
collected by the CA.
<o:p></o:p></p>
<p class="line874">(3) The CA MAY reuse a previously
submitted EV Certificate Request, Subscriber Agreement, or
Terms of Use, including use of a single EV Certificate
Request in support of multiple EV Certificates containing
the same Subject, to the extent permitted under Sections
11.9 and 11.10. <o:p></o:p></p>
<p class="line874">(4) The CA MUST repeat the verification
processes required in these Guidelines for any information
obtained outside the time limits specified above except
when permitted otherwise under section 11.14.1.
<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Motion
Ends
<o:p></o:p></p>
<p class="line874">-----<br>
The review period for this ballot shall commence at 2200
UTC on October 2 2014, and will close at 2200 UTC on
October 9, 2014. Unless the motion is withdrawn during the
review period, the voting period will start immediately
thereafter and will close at 2200 UTC on October 16, 2014.
Votes must be cast by posting an on-list reply to this
thread.
<o:p></o:p></p>
<p class="line862">A vote in favor of the motion must
indicate a clear 'yes' in the response. A vote against
must indicate a clear 'no' in the response. A vote to
abstain must indicate a clear 'abstain' in the response.
Unclear responses will not be counted. The latest vote
received from any representative of a voting member before
the close of the voting period will be counted. Voting
members are listed here:
<a moz-do-not-send="true"
href="https://cabforum.org/members/">https://cabforum.org/members/</a>
<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">In
order for the motion to be adopted, two thirds or more of
the votes cast by members in the CA category and greater
than 50% of the votes cast by members in the browser
category must be in favor. Also, at least seven members
must participate in the ballot, either by voting in favor,
voting against, or abstaining.
<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Public@cabforum.org">Public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://cabforum.org/mailman/listinfo/public">https://cabforum.org/mailman/listinfo/public</a>
</pre>
</blockquote>
<br>
</body>
</html>