<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Calibri">Actalis votes YES<br>
<br>
</font>
<div class="moz-cite-prefix">Il 02/10/2014 21:31, Ben Wilson ha
scritto:<br>
</div>
<blockquote
cite="mid:f41a31a25f5f42f2b5ba2e3fa5b09836@EX2.corp.digicert.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:627395689;
mso-list-template-ids:1534771398;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">Ballot 134 - Application of
RFC 5280 to Precertificates</span></b><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">
<o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">Kirk Hall of Trend Micro made
the following motion, and Ben Wilson of Digicert and Ryan
Sleevi from Google have endorsed it. <o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">Reason for Ballot</span></b><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">
<o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">CAs are implementing
Certificate Transparency (CT) based on RFC 6962, which
contains the concept of pre-certificates. The current
Baseline Requirements require all certificates to comply
with RFC 5280. (See Definition of "Valid Certificate" and
references to RFC 5280 in Appendix B.) For some
implementations, there is a potential dilemma if the
pre-certificate and the production certificate are issued
from the same sub-CA and both have the same Serial Number,
not permitted under RFC 5280. Given that CAs will likely be
implementing CT before potential technical differences can
be worked out, the purpose of this ballot is to allow CAs to
meet CT deadlines without violating the Baseline
Requirements requiring compliance with RFC 5280.
<o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">-- Motion Begins --
</span></b><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif""><o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">Effective immediately, the
title to Appendix B of the Baseline Requirements shall be
amended as follows:
<o:p></o:p></span></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span style="font-size:12.0pt;font-family:"Times New
Roman","serif"">Appendix B – Certificate
<u>Content and</u> Extensions; <u>Application of RFC 5280</u>
(Normative) <o:p></o:p></span></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span style="font-size:12.0pt;font-family:"Times New
Roman","serif"">This appendix specifies
<s>the </s><u>additional requirements</u> for Certificate
<u>content and</u> extensions for Certificates generated
after the Effective Date.
<o:p></o:p></span></li>
</ul>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">and a new subsection (5) will
be added as follows:
<o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><u><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">(5) Application of RFC 5280
<o:p></o:p></span></u></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><u><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">For purposes of
clarification, a Precertificate as described in RFC 6962 –
Certificate Transparency shall not be considered to be a
“certificate” subject to the requirements of RFC 5280 -
Internet X.509 Public Key Infrastructure Certificate and
Certificate Revocation List (CRL) Profile under these
Baseline Requirements.
<o:p></o:p></span></u></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">-- Motion Ends --
</span></b><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif""><o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">The review period for this
ballot shall commence at 2200 UTC on Thursday, 2 October
2014, and will close at 2200 UTC on Thursday, 9 October
2014. Unless the motion is withdrawn during the review
period, the voting period will start immediately thereafter
and will close at 2200 UTC on Thursday, 16 October 2014.
Votes must be cast by posting an on-list reply to this
thread. <o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">A vote in favor of the motion
must indicate a clear 'yes' in the response. A vote against
must indicate a clear 'no' in the response. A vote to
abstain must indicate a clear 'abstain' in the response.
Unclear responses will not be counted. The latest vote
received from any representative of a voting member before
the close of the voting period will be counted. Voting
members are listed here: <a moz-do-not-send="true"
href="https://cabforum.org/members/"><span
style="color:blue">https://cabforum.org/members/</span></a>
<o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif"">In order for the motion to be
adopted, two thirds or more of the votes cast by members in
the CA category and greater than 50% of the votes cast by
members in the browser category must be in favor. Quorum is
currently nine (9) members– at least nine members must
participate in the ballot, either by voting in favor, voting
against, or abstaining.
<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Public@cabforum.org">Public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://cabforum.org/mailman/listinfo/public">https://cabforum.org/mailman/listinfo/public</a>
</pre>
</blockquote>
<br>
<div class="moz-signature">-- <br>
<i><span style="font-family: Serif">Adriano Santoni</span></i>
</div>
</body>
</html>