<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
None of this addresses a gag order by said jurisdiction, which IMO
is quite likely in a case wherein a government put such a
requirement on a CA, at least in any case where such deviation from
the BRs is truly of any concern. Dead man switch?<br>
<br>
<div class="moz-cite-prefix">On 4/27/2016 12:44 PM, Ryan Sleevi
wrote:<br>
</div>
<blockquote
cite="mid:CACvaWvY5gWQRGnCDDEqy7eoAvuFbV=UeJeB2o+gsTLd7CZyjiw@mail.gmail.com"
type="cite">
<div dir="ltr">Jeremy,
<div><br>
</div>
<div>I don't believe your proposal addresses the necessary
transparency and disclosure that the CA ecosystem needs for
such matters. Is there a reason you removed that language, or
was it merely an oversight in addressing the other issue you
highlighted?<br>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Apr 27, 2016 at 10:40 AM,
Jeremy Rowley <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:jeremy.rowley@digicert.com"
target="_blank">jeremy.rowley@digicert.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="white" link="blue" vlink="purple"
lang="EN-US">
<div>
<p class="MsoNormal"><span style="color:windowtext">Some
CAs may not “want” to deviate from a requirement
but may be forced to by regulation. They also
won’t “deviate from… these Requirements” because
the requirements are reformed to the extent
necessary to accommodate for the law.</span></p>
<p class="MsoNormal"><span style="color:windowtext"> </span></p>
<p class="MsoNormal"><span style="color:windowtext">How
about:</span></p>
<p class="MsoNormal"><u><span style="color:red"><span
style="text-decoration:none"> </span></span></u></p>
<p class="MsoNormal"><u><span style="color:red">A CA
that issues a certificate under a requirement
reformed through an action of a court or
government body with jurisdiction SHALL list
the reformed requirement in Section 9.16.3 of
the CA’s CPS prior to issuing a certificate
and include (in Section 9.16.3 of the CA’s
CPS) a reference to the law or government
order requiring a reformation under this
section .</span></u></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"> </span></p>
<p class="MsoNormal"><a moz-do-not-send="true"
name="m_-3985529974465167206__MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"> </span></a></p>
<div>
<div style="border:none;border-top:solid #e1e1e1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">
<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org"
target="_blank">public-bounces@cabforum.org</a>
[mailto:<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org"
target="_blank">public-bounces@cabforum.org</a>]
<b>On Behalf Of </b>Gervase Markham<br>
<b>Sent:</b> Wednesday, April 27, 2016 10:38
AM<br>
<b>To:</b> CABFPub <<a
moz-do-not-send="true"
href="mailto:public@cabforum.org"
target="_blank">public@cabforum.org</a>><br>
<b>Subject:</b> [cabfpub] BRs section 9.16.3
(exception for laws)</span></p>
</div>
</div>
<div>
<div class="h5">
<p class="MsoNormal"> </p>
<p class="MsoNormal" style="text-autospace:none">Hi
everyone,</p>
<p class="MsoNormal" style="text-autospace:none">At
the last CAB Forum meeting, we had a
discussion about BRs section 9.16.3, and the
possibility that it allows CAs to violate the
BRs without appropriate notification. After
the CAB Forum meeting, the following amendment
(which I have tweaked) was helpfully suggested
by one participant in the conversation The aim
is to bring transparency, so anyone in
violation under this clause is at least
documented, and we can consider revisions to
the BRs accordingly.</p>
<p class="MsoNormal" style="text-autospace:none">What
do people think?</p>
<p class="MsoNormal" style="text-autospace:none">Gerv</p>
<p class="MsoNormal" style="text-autospace:none"> </p>
<p class="MsoNormal" style="text-autospace:none"><b>9.16.3.
Severability</b></p>
<p class="MsoNormal" style="text-autospace:none">If
a court or government body with jurisdiction
over the activities covered by these
Requirements determines that the performance
of any mandatory requirement is illegal, then
such requirement is considered reformed to the
minimum extent necessary to make the
requirement valid and legal. This applies only
to operations or certificate issuances that
are subject to the laws of that jurisdiction.
The parties involved SHALL notify the CA /
Browser Forum <u><span style="color:red">by
sending a detailed message to </span></u><a
moz-do-not-send="true"
href="mailto:questions@cabforum.org"
target="_blank">questions@cabforum.org</a><u><span
style="color:red"> </span></u>of the
facts, circumstances, and law(s) involved, <u><span
style="color:red">and receiving
confirmation of the receipt of the message
by the CA/Browser Forum,</span></u><span
style="color:red"> </span>so that the
CA/Browser Forum may <u><span
style="color:red">consider possible
revisions to these</span></u> Requirements
accordingly.</p>
<p class="MsoNormal"><u><span style="color:red">Any
CA that wants to deviate from any
mandatory requirement of these
Requirements as written on the basis of
this Section 9.16.3 must list all such
non-conformity (including a reference to
the specific Requirement(s) subject to
deviation) in Section 9.16.3 of the CA’s
CPS before deviating from the
Requirement(s), and include in such
disclosure the facts, circumstances, and
law(s) involved. </span></u></p>
</div>
</div>
</div>
</div>
<br>
_______________________________________________<br>
Public mailing list<br>
<a moz-do-not-send="true"
href="mailto:Public@cabforum.org">Public@cabforum.org</a><br>
<a moz-do-not-send="true"
href="https://cabforum.org/mailman/listinfo/public"
rel="noreferrer" target="_blank">https://cabforum.org/mailman/listinfo/public</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Public@cabforum.org">Public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://cabforum.org/mailman/listinfo/public">https://cabforum.org/mailman/listinfo/public</a>
</pre>
</blockquote>
<br>
</body>
</html>