<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body ><div>FESA? This is the closest organization I've ever known, nobody knows what they do except their members :)</div><div><br></div><div>I think Jeremy has collected even more country specific insurance requirement.</div><div><br></div><div>Thanks,</div><div>M.D.</div><div><br></div><div><br></div><div><div style="font-size:75%;color:#575757">Sent from Samsung Mobile</div></div><br><br><br>-------- Original message --------<br>From: i-barreira@izenpe.net <br>Date: 13/01/2015 10:48 (GMT+02:00) <br>To: adriano.santoni@staff.aruba.it,public@cabforum.org <br>Subject: Re: [cabfpub] Ballot 141 - Reposted <br> <br><br><div class="WordSection1"><p class="MsoNormal"><span style="color:#1F497D">Adriano,<o:p></o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span lang="EN-US" style="color:#1F497D">This is in an internal document of FESA that I was not allowed to distribute but I thought that copying that table can help on the discussion.<o:p></o:p></span></p><p class="MsoNormal"><span lang="EN-US" style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span lang="EN-US" style="color:#1F497D">Regards<o:p></o:p></span></p><div><p class="MsoNormal"><span lang="EN-US" style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal" style="line-height:9.75pt"><b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif"">Iñigo Barreira</span></b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif""><br>Responsable del Área técnica<br><a href="mailto:i-barreira@izenpe.net">i-barreira@izenpe.net</a><o:p></o:p></span></p><p class="MsoNormal"><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif"">945067705</span><span lang="ES-TRAD" style="color:#1F497D"><o:p></o:p></span></p><p class="MsoNormal"><span lang="ES-TRAD" style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><img border="0" width="585" height="111" id="_x0000_i1028" src="cid:image001.png@01D02F16.2126A0B0" alt="Descripción: cid:image001.png@01CE3152.B4804EB0"></span><span lang="ES-TRAD" style="color:#1F497D"><o:p></o:p></span></p><p class="MsoNormal" style="line-height:9.75pt"><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888;mso-fareast-language:ES-TRAD">ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!</span><span style="color:#888888;mso-fareast-language:ES-TRAD"><br></span><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888;mso-fareast-language:ES-TRAD">ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.</span><span style="font-size:12.0pt;color:navy;mso-fareast-language:ES-TRAD"><o:p></o:p></span></p></div><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><div><div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm"><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">De:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> public-bounces@cabforum.org [mailto:public-bounces@cabforum.org] <b>En nombre de </b>Adriano Santoni<br><b>Enviado el:</b> martes, 13 de enero de 2015 9:44<br><b>Para:</b> public@cabforum.org<br><b>Asunto:</b> Re: [cabfpub] Ballot 141 - Reposted<o:p></o:p></span></p></div></div><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal" style="margin-bottom:12.0pt">Iñigo,<br><br>may I ask you where did you find the amount you quote below for Italy?<br>I am not aware of any law or regulation mentioning it....<br><br>Thx<br>Adriano<br><br><o:p></o:p></p><div><p class="MsoNormal">Il 12/01/2015 14:45, <a href="mailto:i-barreira@izenpe.net">i-barreira@izenpe.net</a> ha scritto:<o:p></o:p></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><p class="Default"><span lang="EN-US">FYI regarding insurance. This is what current national law says (regarding the directive/regulation) to the CAs which issues qualified certificates. And, IMHO, this is not going to change, or at least not significantly.</span><o:p></o:p></p><p class="Default"><span lang="EN-US">So, this means, that I´ll still need my insurance. </span><o:p></o:p></p><p class="Default"><span lang="EN-US"> </span><o:p></o:p></p><p class="Default"><span lang="EN-US"> </span><o:p></o:p></p><p class="MsoNormal"><span style="color:#1F497D"><img border="0" width="747" height="492" id="Imagen_x0020_2" src="cid:image002.png@01D02F16.2126A0B0"></span><o:p></o:p></p><p class="MsoNormal"><span style="color:#1F497D"><img border="0" width="731" height="524" id="Imagen_x0020_3" src="cid:image003.png@01D02F16.2126A0B0"></span><o:p></o:p></p><div><p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal" style="line-height:9.75pt"><b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif"">Iñigo Barreira</span></b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif""><br>Responsable del Área técnica<br><a href="mailto:i-barreira@izenpe.net">i-barreira@izenpe.net</a></span><o:p></o:p></p><p class="MsoNormal"><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif"">945067705</span><o:p></o:p></p><p class="MsoNormal"><span lang="ES-TRAD" style="color:#1F497D"> </span><o:p></o:p></p><p class="MsoNormal"><span style="color:#1F497D"><img border="0" width="585" height="111" id="Imagen_x0020_1" src="cid:image001.png@01D02F16.2126A0B0" alt="Descripción: cid:image001.png@01CE3152.B4804EB0"></span><o:p></o:p></p><p class="MsoNormal" style="line-height:9.75pt"><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888;mso-fareast-language:ES-TRAD">ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!</span><span style="color:#888888;mso-fareast-language:ES-TRAD"><br></span><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888;mso-fareast-language:ES-TRAD">ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.</span><o:p></o:p></p></div><p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p><div><div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm"><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">De:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> <a href="mailto:public-bounces@cabforum.org">public-bounces@cabforum.org</a> [<a href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>] <b>En nombre de </b><a href="mailto:kirk_hall@trendmicro.com">kirk_hall@trendmicro.com</a><br><b>Enviado el:</b> miércoles, 07 de enero de 2015 19:01<br><b>Para:</b> CABFPub (<a href="mailto:public@cabforum.org">public@cabforum.org</a>)<br><b>Asunto:</b> [cabfpub] Ballot 141 - Reposted</span><o:p></o:p></p></div></div><p class="MsoNormal"> <o:p></o:p></p><p class="line867" style="background:white"><strong><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";font-weight:normal">I just realized we should re-post Ballots 141 and 142 to promote discussion, so here they are.</span></strong><o:p></o:p></p><p class="line867" style="background:white"><strong><span lang="EN-US" style="font-family:"Arial","sans-serif"">Ballot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates</span></strong><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">The following motion has been proposed by Kirk Hall of Trend Micro and endorsed by Robin Alden of Comodo and Dean Coclin of Symantec.</span><o:p></o:p></p><p class="line867" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><strong><span lang="EN-US" style="font-family:"Arial","sans-serif"">Purpose</span></strong><o:p></o:p></p><p class="line862" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">The existing insurance requirements of EV Guidelines Section 8.4 were intended to help assure the public that CAs would be financially responsible, but the requirements for Commercial General Liability and Professional Liability / Errors & Omissions insurance are not well suited for this purpose and do not apply to DV and OV certificates.</span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">The current insurance requirements should be replaced by other, more effective financial responsibility requirements that are more directly focused on financial responsibility for potential harm to subscribers and relying parties from mis-issued certificates of all types. At present, CAs are permitted to limit their potential liability to subscribers and relying parties to $2,000 per EV certificate under EV Guidelines Section 18 and $0 per DV and OV certificate under Baseline Requirements Section 18.1.</span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">This ballot (1) deletes the current EV insurance requirements at EV Guidelines Section 8.4, and (2) amends the EV Guidelines and the Baseline Requirements so that CAs are permitted to limit their potential liability to subscribers and relying parties to $10,000 per EV certificate, $5,000 per OV certificate, and $2,000 per OV certificate. This ballot does not otherwise change whatever legal liability a CA would or would not have for its certificates under applicable law.</span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">-- MOTION BEGINS --</span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">1. EV Guideline 8.4 is deleted.</span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">2. EV Guideline Section 18 is amended to read as follows:</span><o:p></o:p></p><p class="line867" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><strong><span lang="EN-US" style="font-family:"Arial","sans-serif"">18. Liability and Indemnification</span></strong><span class="apple-converted-space"><span lang="EN-US" style="font-family:"Arial","sans-serif""> </span></span><span lang="EN-US" style="font-family:"Arial","sans-serif"">CAs MAY limit their liability as described in Section 18 of the Baseline Requirements except that a CA MAY NOT limit its liability to Subscribers or Relying Parties for legally recognized and provable claims to a monetary amount less than<span class="apple-converted-space"> </span><span class="strike"><s>two</s></span><span class="apple-converted-space"> </span><span class="u"><u>ten</u></span><span class="apple-converted-space"> </span>thousand US dollars per Subscriber or Relying Party per EV Certificate.</span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">A CA's indemnification obligations and a Root CA’s obligations with respect to subordinate CAs are set forth in the Baseline Requirements.</span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">3. Baseline Requirements Section 18.1 is amended to read as follows:</span><o:p></o:p></p><p class="line867" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><strong><span lang="EN-US" style="font-family:"Arial","sans-serif"">18.1 Liability to Subscribers and Relying Parties</span></strong><o:p></o:p></p><p class="line862" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">If the CA has issued and managed the Certificate in compliance with these Requirements and its Certificate Policy and/or Certification Practice Statement, the CA MAY disclaim liability to the Certificate Beneficiaries or any other third parties for any losses suffered as a result of use or reliance on such Certificate beyond those specified in the CA's Certificate Policy and/or Certification Practice Statement. If the CA has not issued or managed the Certificate in compliance with these Requirements and its Certificate Policy and/or Certification Practice Statement, the CA MAY seek to limit its liability to the Subscriber and to Relying Parties, regardless of the cause of action or legal theory involved, for any and all claims, losses or damages suffered as a result of the use or reliance on such Certificate by any appropriate means that the CA desires. If the CA chooses to limit its liability for Certificates that are not issued or managed in compliance with these Requirements or its Certificate Policy and/or Certification Practice Statement, then the CA SHALL include the limitations on liability in the CA’s Certificate Policy and/or Certification Practice Statement.<span class="apple-converted-space"> </span><span class="u"><u>Notwithstanding the foregoing, a CA MAY NOT limit its liability to Subscribers or Relying Parties for legally recognized and provable claims to a monetary amount less than two thousand US dollars per Subscriber or Relying Party per DV Certificate or less than five thousand US dollars per Subscriber or Relying Party per OV Certificate.</u></span></span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">-- MOTION ENDS --</span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">The review period for this ballot shall commence at 2200 UTC on Monday, 5 January 2015, and will close at 2200 UTC on Wednesday, 12 January 2015. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 2200 UTC on Wednesday, 19 January 2015. Votes must be cast by posting an on-list reply to this thread.</span><o:p></o:p></p><p class="line862" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">A vote in favor of the motion must indicate a clear 'yes' in the response. A vote against must indicate a clear 'no' in the response. A vote to abstain must indicate a clear 'abstain' in the response. Unclear responses will not be counted. The latest vote received from any representative of a voting member before the close of the voting period will be counted. Voting members are listed here:<span class="apple-converted-space"> </span><a href="https://cabforum.org/members/"><span style="border:none windowtext 1.0pt;padding:0cm">https://cabforum.org/members/</span></a></span><o:p></o:p></p><p class="line874" style="background:white;orphans:
auto;text-align:start;widows: auto;-webkit-text-stroke-width:
0px;word-spacing:0px"><span lang="EN-US" style="font-family:"Arial","sans-serif"">In order for the motion to be adopted, two thirds or more of the votes cast by members in the CA category and greater than 50% of the votes cast by members in the browser category must be in favor. Quorum is currently nine (9) members– at least nine members must participate in the ballot, either by voting in favor, voting against, or abstaining.</span><o:p></o:p></p><p class="MsoNormal"><span lang="EN-US"> </span><o:p></o:p></p><table class="MsoNormalTable" border="0" cellpadding="0"><tbody><tr><td style="background:white;padding:.75pt .75pt .75pt .75pt"><table class="MsoNormalTable" border="0" cellpadding="0"><tbody><tr><td style="padding:.75pt .75pt .75pt .75pt"><pre> <o:p></o:p></pre><pre>TREND MICRO EMAIL NOTICE<o:p></o:p></pre><pre>The information contained in this email and any attachments is confidential <o:p></o:p></pre><pre>and may be subject to copyright or other intellectual property protection. <o:p></o:p></pre><pre>If you are not the intended recipient, you are not authorized to use or <o:p></o:p></pre><pre>disclose this information, and we request that you notify us by reply mail or<o:p></o:p></pre><pre>telephone and delete the original message from your mail system.<o:p></o:p></pre></td></tr></tbody></table></td></tr></tbody></table><p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman , serif","serif""> </span><o:p></o:p></p><p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><br><br><br><o:p></o:p></span></p><pre>_______________________________________________<o:p></o:p></pre><pre>Public mailing list<o:p></o:p></pre><pre><a href="mailto:Public@cabforum.org">Public@cabforum.org</a><o:p></o:p></pre><pre><a href="https://cabforum.org/mailman/listinfo/public">https://cabforum.org/mailman/listinfo/public</a><o:p></o:p></pre></blockquote><p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><o:p> </o:p></span></p><div><p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif"">-- <br><i>Adriano Santoni</i> <o:p></o:p></span></p></div></div></body>