<div dir="ltr">Inigo,<div><br></div><div>I'm not sure how this is meaningfully different than how we handle EV audits, which root stores also require the BR audits.</div><div><br></div><div>I've reviewed 411-1 and 411-2, and the outstanding question you didn't answer is what prevents a CA from getting audited under EVCP when getting a QCP-w audit.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jun 9, 2016 at 3:49 AM, Barreira Iglesias, Iñigo <span dir="ltr"><<a href="mailto:i-barreira@izenpe.eus" target="_blank">i-barreira@izenpe.eus</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="ES" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Now to the public<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Ryan, this is what is stated in EN 319 411-2<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">The standard EN 319 411-2, which sets requirements for trust service providers issuing EU qualified certificates, states as its objective, in what concerns qualified website authentication certificates, to define
<i>“A policy for EU qualified web certificate offering the level of quality defined in Regulation (EU) N° 910/2014 for EU qualified certificates (requiring or not the use of a secure cryptographic device) used in support of web authentication. The requirements
for this certificate policy include all the Extended Validation certificate policy (EVCP) requirements, plus additional provisions suited to support EU qualified certificates issuance and management as specified in Regulation (EU) N° 910/2014.”
<u></u><u></u></i></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal" style="line-height:9.75pt"><b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black">Iñigo Barreira</span></b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black"><br>
Responsable del Área técnica<br>
<a href="mailto:i-barreira@izenpe.eus" target="_blank">i-barreira@izenpe.eus</a> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black">945067705</span><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u><u></u></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:navy"><img border="0" width="589" height="99" src="cid:image001.jpg@01D1C22A.5D643BC0" alt="Descripción: firma_email_Izenpe_eus"><u></u><u></u></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal" style="line-height:9.75pt"><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888">ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea.
Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#888888"><br>
</span><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888">ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe
por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.</span><span style="font-family:"Calibri","sans-serif";color:navy"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">De:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Ryan Sleevi [mailto:<a href="mailto:sleevi@google.com" target="_blank">sleevi@google.com</a>]
<br>
<b>Enviado el:</b> jueves, 09 de junio de 2016 8:47<br>
<b>Para:</b> Barreira Iglesias, Iñigo<br>
<b>CC:</b> <a href="mailto:management@cabforum.org" target="_blank">management@cabforum.org</a><br>
<b>Asunto:</b> Re: [cabfman] Ballot 171? for updating the ETSI standards in the CABF documents<u></u><u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">No, it doesn't, but I'll refrain from discussing that further until it's on the public list.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">On Wed, Jun 8, 2016 at 11:38 PM, Barreira Iglesias, Iñigo <<a href="mailto:i-barreira@izenpe.eus" target="_blank">i-barreira@izenpe.eus</a>> wrote:<u></u><u></u></p>
<div>
<div>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Yes, in order to get a QWAC you have to follow the EVCP but not the other way round.
So an EVCP can´t be a QWAC but a QWAC has to be an EVCP. Does this help?</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="line-height:9.75pt">
<b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black">Iñigo Barreira</span></b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black"><br>
Responsable del Área técnica<br>
<a href="mailto:i-barreira@izenpe.eus" target="_blank">i-barreira@izenpe.eus</a> </span>
<u></u><u></u></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black">945067705</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:navy"><img border="0" width="589" height="99" src="cid:image001.jpg@01D1C22A.5D643BC0" alt="Descripción: firma_email_Izenpe_eus"></span><u></u><u></u></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="line-height:9.75pt">
<span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888">ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin)
eman abisu igorleari, korreo honi erantzuna. KONTUZ!</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#888888"><br>
</span><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888">ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos
que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">De:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Ryan Sleevi [mailto:<a href="mailto:sleevi@google.com" target="_blank">sleevi@google.com</a>]
<br>
<b>Enviado el:</b> miércoles, 08 de junio de 2016 20:15<br>
<b>Para:</b> Barreira Iglesias, Iñigo<br>
<b>CC:</b> <a href="mailto:management@cabforum.org" target="_blank">management@cabforum.org</a><br>
<b>Asunto:</b> Re: [cabfman] Ballot 171? for updating the ETSI standards in the CABF documents</span><u></u><u></u></p>
<div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
<div>
<p class="MsoNormal">Inigo,<u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Is there anything that prevents a CA from getting a 411-2 audit from getting a 411-1 audit to EVCP?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">I've said it before, but I'm extremely uncomfortable recognize QWACs as equivalent to EV. If QWACs want recognition, having them issued compliant with the EVCP policy and the QCP-w
policy seems entirely reasonable.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">This is no different than if WebTrust were to create a new profile of "WebTrust for CAs - WebTrust's Really Awesome Standards" that made assurances that they "captured the spirit"
of EV (which is effectively what QCP-w is stating)<u></u><u></u></p>
</div>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
<div>
<p class="MsoNormal">On Wed, Jun 8, 2016 at 5:37 AM, Barreira Iglesias, Iñigo <<a href="mailto:i-barreira@izenpe.eus" target="_blank">i-barreira@izenpe.eus</a>> wrote:<u></u><u></u></p>
<div>
<div>
<p><strong><span lang="EN-US">Ballot 171 – Updating the ETSI standards in the CABF documents</span></strong><u></u><u></u></p>
<p><span lang="EN-US">The following motion has been proposed by Iñigo Barreira of Izenpe and endorsed by XXX and XXX:
</span><u></u><u></u></p>
<p><span lang="EN-US">-- MOTION BEGINS – </span><u></u><u></u></p>
<p><b><span lang="EN-US">In the BRs,</span></b><u></u><u></u></p>
<p><span lang="EN-US">In section 1.6.3 References, change:</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"Cambria","serif"">ETSI TS 119 403, Electronic Signatures and Infrastructures (ESI); Trust Service Provider Conformity Assessment ‐ General Requirements and Guidance.</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"Cambria","serif"">ETSI TS 102 042, Electronic Signatures and Infrastructures (ESI); Policy requirements for certification authorities issuing public key certificates.</span><u></u><u></u></p>
<p><span lang="EN-US">With</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">ETSI EN 319 403, Electronic Signatures and Infrastructures (ESI); Trust Service Provider Conformity Assessment - Requirements for conformity assessment bodies assessing Trust Service Providers</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">ETSI EN 319 411-1, Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates;</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">Part 1: General requirements</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">ETSI EN 319 411-2, Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates;</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">Part 2: Requirements for trust service providers issuing EU qualified certificates</span><u></u><u></u></p>
<p><span lang="EN-US">In section 8.2 Identity/qualification of assessor, point 4, change:</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">4. (For audits conducted in accordance with any one of the ETSI standards) accredited in accordance with ETSI TS 119 403, or accredited to conduct such audits under an equivalent
national scheme, or accredited by a national accreditation body in line with ISO 27006 to carry out ISO 27001 audits;</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">With</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">4. (For audits conducted in accordance with any one of the ETSI standards) accredited in accordance with ETSI EN 319 403;</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p><span lang="EN-US">In section 8.4 Topics covered by assessment, point 2, change:</span><u></u><u></u></p>
<p><span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">2. A national scheme that audits conformance to ETSI TS 102 042;</span><u></u><u></u></p>
<p><span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">With</span><u></u><u></u></p>
<p><span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">2. A national scheme that audits conformance to ETSI EN 319 411-1;</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<b><span lang="EN-US">In the EV guidelines,</span></b><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">In section 8.2.1 Implementation, point (B), change:</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">(B)</span><span lang="EN-US" style="font-size:10.0pt;font-family:Symbol">
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"SymbolMT","serif""> </span><span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">Implement the requirements of (i) the then-current WebTrust Program for CAs, and (ii)
the then-current WebTrust</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">EV Program or ETSI TS 102 042; and</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">With</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">(B)</span><span lang="EN-US" style="font-size:10.0pt;font-family:Symbol">
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"SymbolMT","serif""> </span><span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">Implement the requirements of (i) the then-current WebTrust Program for CAs, and (ii)
the then-current WebTrust</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">EV Program or ETSI EN 319 411-1 for EVCP policy or ETSI EN 319 411-2 for QCP-w policy; and</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">In section 8.2.2 Disclosure, change:</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">The CA is also REQUIRED to publicly disclose its CA business practices as required by both WebTrust for CAs and ETSI TS 102 042.</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">With</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">The CA is also REQUIRED to publicly disclose its CA business practices as required by both WebTrust for CAs and ETSI EN 319 411-1 or ETSI EN 319 411-2.</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">In section 17.1 Eligible audit schemes, point (ii), change:</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">(ii) ETSI TS 102 042 audit</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">With</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">(ii) ETSI EN 319 411-1 audit for EVCP policy or ETSI EN 319 411-2 audit for QCP-w policy</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">In section 17.4 pre-issuance readiness audit, point (2), change:</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">(2) If the CA has a currently valid ETSI 102 042 audit, then, before issuing EV Certificates, the CA and its Root CA MUST</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">successfully complete a point-in-time readiness assessment audit against ETSI TS 102 042.</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">With</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">(2) If the CA has a currently valid ETSI EN 319 411-1 audit for EVCP policy or ETSI EN 319 411-2 for QCP-w policy, then, before issuing EV Certificates, the CA and its Root
CA MUST successfully complete a point-in-time readiness assessment audit against these ETSI standards.</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US">In section 17.4 pre-issuance readiness audit, point (3), change:</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">(3) If the CA does not have a currently valid WebTrust Seal of Assurance for CAs or an ETSI 102 042 audit, then, before</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">issuing EV Certificates, the CA and its Root CA MUST successfully complete either: (i) a point-in-time readiness</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">assessment audit against the WebTrust for CA Program, or (ii) a point-in-time readiness assessment audit against the</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">WebTrust EV Program, or an ETSI TS 102 042 audit.</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">With</span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif""> </span><u></u><u></u></p>
<p class="MsoNormal" style="text-autospace:none">
<span lang="EN-US" style="font-size:10.0pt;font-family:"TimesNewRomanPSMT","serif"">(3) If the CA does not have a currently valid WebTrust Seal of Assurance for CAs or an ETSI EN 319 411-1 audit for EVCP policy or ETSI EN 319 411-2 for QCP-w policy, then, before
issuing EV Certificates, the CA and its Root CA MUST successfully complete either: (i) a point-in-time readiness assessment audit against the WebTrust for CA Program, or (ii) a point-in-time readiness assessment audit against the WebTrust EV Program, or an
ETSI EN 319 411-1 for EVCP or ETSI EN 319 411-2 for QCP-w audit.</span><u></u><u></u></p>
<p><span lang="EN-US">-- MOTION ENDS -- </span><u></u><u></u></p>
<p><span lang="EN-US">The review period for this ballot shall commence at 2200 UTC on 13 June 2016, and will close at 2200 UTC on 20 June 2016. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and
will close at 2200 UTC on 26 June 2016. Votes must be cast by posting an on-list reply to this thread.
</span><u></u><u></u></p>
<p><span lang="EN-US">A vote in favor of the motion must indicate a clear 'yes' in the response. A vote against must indicate a clear 'no' in the response. A vote to abstain must indicate a clear 'abstain' in the response. Unclear responses will not be counted.
The latest vote received from any representative of a voting member before the close of the voting period will be counted. Voting members are listed here:
<a href="https://cabforum.org/members/" target="_blank">https://cabforum.org/members/</a>
</span><u></u><u></u></p>
<p><span lang="EN-US">In order for the motion to be adopted, two thirds or more of the votes cast by members in the CA category and greater than 50% of the votes cast by members in the browser category must be in favor. Quorum is currently ten (10) members–
at least ten members must participate in the ballot, either by voting in favor, voting against, or abstaining.
</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="line-height:9.75pt">
<b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black">Iñigo Barreira</span></b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black"><br>
Responsable del Área técnica<br>
<a href="mailto:i-barreira@izenpe.eus" target="_blank">i-barreira@izenpe.eus</a> </span>
<u></u><u></u></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black">945067705</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="ES-TRAD"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="color:navy"><img border="0" width="589" height="99" src="cid:image001.jpg@01D1C22A.5D643BC0" alt="Descripción: firma_email_Izenpe_eus"></span><u></u><u></u></p>
<p class="MsoNormal"><span lang="ES-TRAD"> </span><u></u><u></u></p>
<p class="MsoNormal" style="line-height:9.75pt">
<span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888">ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin)
eman abisu igorleari, korreo honi erantzuna. KONTUZ!</span><span style="color:#888888"><br>
</span><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888">ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos
que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.</span><u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
Management mailing list<br>
<a href="mailto:Management@cabforum.org" target="_blank">Management@cabforum.org</a><br>
<a href="https://cabforum.org/mailman/listinfo/management" target="_blank">https://cabforum.org/mailman/listinfo/management</a><u></u><u></u></p>
</div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div>
</div>
<br>_______________________________________________<br>
Public mailing list<br>
<a href="mailto:Public@cabforum.org">Public@cabforum.org</a><br>
<a href="https://cabforum.org/mailman/listinfo/public" rel="noreferrer" target="_blank">https://cabforum.org/mailman/listinfo/public</a><br>
<br></blockquote></div><br></div>