<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:TimesNewRomanPSMT;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin-top:0in;
        margin-right:0in;
        margin-bottom:8.0pt;
        margin-left:0in;
        line-height:105%;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:#0563C1;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:#954F72;
        text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
        {mso-style-name:msonormal;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
p.line867, li.line867, div.line867
        {mso-style-name:line867;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;
        color:black;}
p.line874, li.line874, div.line874
        {mso-style-name:line874;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;
        color:black;}
span.EmailStyle20
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
span.EmailStyle21
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:#1F497D;}
span.EmailStyle23
        {mso-style-type:personal-reply;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:1444808896;
        mso-list-template-ids:-1256808566;}
@list l1
        {mso-list-id:1485123272;
        mso-list-type:hybrid;
        mso-list-template-ids:-1810615808 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l1:level1
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level2
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level3
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l1:level4
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level5
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level6
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l1:level7
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level8
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level9
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link="#0563C1" vlink="#954F72"><div class=WordSection1><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal'><a name="_MailEndCompose">All,<o:p></o:p></a></p><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal'><span style='mso-bookmark:_MailEndCompose'>Attached is the redlined version of Appendix F of the EV Guidelines (v.1.6.3) based on the language of the ballot.  There was a discrepancy between the earlier PDF attachment to the ballot and the text in email that announced the ballot.  It appears that the PDF was based on an old, out-of-date version of Appendix F .  <o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal'><span style='mso-bookmark:_MailEndCompose'>In the attached redlined version I have tried to preserve the intent of Ballot 198.  I will be posting version 1.6.3 of the EV Guidelines to the CA/Browser Forum website shortly.  All versions (PDF/Word/redlined/w-o redlining) will be uploaded to here https://cabforum.org/wiki/EV on the wiki as well.<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal'><span style='mso-bookmark:_MailEndCompose'>Yours truly,<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal'><span style='mso-bookmark:_MailEndCompose'>Ben Wilson  </span><span style='mso-bookmark:_MailEndCompose'><o:p></o:p></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><o:p> </o:p></span></p><span style='mso-bookmark:_MailEndCompose'></span><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal'><b>From:</b> Public [mailto:public-bounces@cabforum.org] <b>On Behalf Of </b>Kirk Hall via Public<br><b>Sent:</b> Monday, May 8, 2017 5:18 PM<br><b>To:</b> CA/Browser Forum Public Discussion List <public@cabforum.org><br><b>Cc:</b> Kirk Hall <Kirk.Hall@entrustdatacard.com><br><b>Subject:</b> [cabfpub] Revised Notice of Review Period - Ballot 198 - .Onion Revisions<o:p></o:p></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='color:#1F497D'>Sorry, got end date wrong before.  End date in June 8 at 01:00 UTC.<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal'><b><span style='font-size:12.0pt;font-family:"Arial",sans-serif'>NOTICE OF REVIEW PERIOD – BALLOT 198<o:p></o:p></span></b></p><p class=MsoNormal align=center style='margin-bottom:0in;margin-bottom:.0001pt;text-align:center;line-height:normal'><b><span style='font-size:12.0pt;font-family:"Arial",sans-serif'><o:p> </o:p></span></b></p><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal;text-autospace:none'><span style='font-size:12.0pt;font-family:"Arial",sans-serif'>This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.2).  This Review Period is for Final Maintenance Guidelines (30 day Review Period).  </span><span style='font-size:12.0pt;font-family:TimesNewRomanPSMT'>A complete draft of the Draft Guideline that is the subject of this Review Notice is attached.</span><o:p></o:p></p><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal'><span style='font-size:12.0pt;font-family:"Arial",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.25in;margin-bottom:.0001pt;line-height:normal'><span style='font-size:12.0pt;font-family:"Arial",sans-serif'>Date Review Notice Sent:        May 8, 2017<u><o:p></o:p></u></span></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.25in;margin-bottom:.0001pt;line-height:normal'><span style='font-size:12.0pt;font-family:"Arial",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.25in;margin-bottom:.0001pt;line-height:normal'><span style='font-size:12.0pt;font-family:"Arial",sans-serif'>Ballot for Review:                    Ballot 198 - .Onion Revisions<u><o:p></o:p></u></span></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.25in;margin-bottom:.0001pt;line-height:normal'><u><span style='font-size:12.0pt;font-family:"Arial",sans-serif'><o:p><span style='text-decoration:none'> </span></o:p></span></u></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.25in;margin-bottom:.0001pt;line-height:normal'><span style='font-size:12.0pt;font-family:"Arial",sans-serif'>Start of Review Period:           May 9, 2017 at 01:00 UTC<u><o:p></o:p></u></span></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.25in;margin-bottom:.0001pt;line-height:normal'><u><span style='font-size:12.0pt;font-family:"Arial",sans-serif'><o:p><span style='text-decoration:none'> </span></o:p></span></u></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.25in;margin-bottom:.0001pt;line-height:normal'><span style='font-size:12.0pt;font-family:"Arial",sans-serif'>End of Review Period:             June <span style='color:#1F497D'>8</span>, 2017 at 01:00 UTC<u><o:p></o:p></u></span></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.25in;margin-bottom:.0001pt;line-height:normal'><u><span style='font-size:12.0pt;font-family:"Arial",sans-serif'><o:p><span style='text-decoration:none'> </span></o:p></span></u></p><p class=MsoNormal style='margin-bottom:0in;margin-bottom:.0001pt;line-height:normal;text-autospace:none'><span style='font-size:12.0pt;font-family:"Arial",sans-serif'>Please forward any Exclusion Notice relating to Essential Claims to the Chair by email to </span><a href="mailto:kirk.hall@entrustdatacard.com"><span style='font-size:12.0pt;font-family:"Arial",sans-serif'>kirk.hall@entrustdatacard.com</span></a><span style='font-size:12.0pt;font-family:"Arial",sans-serif'> before the end of the Review Period.  See current version of CA/Browser Forum Intellectual Property Rights Policy for details.  </span><i><span style='font-family:"Arial",sans-serif'>(Optional form of Exclusion Notice is attached)<o:p></o:p></span></i></p><p class=line867><strong><span style='font-family:"Arial",sans-serif'>Ballot 198 - .Onion Revisions</span></strong><i><span style='font-family:"Arial",sans-serif'><o:p></o:p></span></i></p><p class=line874 style='background:white'><span style='font-family:"Arial",sans-serif'>-- MOTION BEGINS –<o:p></o:p></span></p><p class=line874 style='background:white'><span style='font-family:"Arial",sans-serif'>Revise Appendix F, Section 1 to read as follows:<o:p></o:p></span></p><p class=MsoNormal><b><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>Appendix F – Issuance of Certificates for .onion Domain Names<o:p></o:p></span></b></p><p class=MsoNormal><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>A CA may issue an EV Certificate containing the .onion Domain Name provided that issuance complies with the requirements set forth in this Appendix:<o:p></o:p></span></p><ol style='margin-top:0in' start=1 type=1><li class=MsoNormal style='margin-left:0in;mso-list:l1 level1 lfo3'><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>CAB Forum Tor Service Descriptor Hash extension (2.23.140.1.31)<o:p></o:p></span></li></ol><p class=MsoNormal><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>The CAB Forum extension in of the TBSCertificate to convey hashes of keys related to .onion addresses.  The CA MUST include the Tor Service Descriptor Hash extension using the following format:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>cabf-TorServiceDescriptorHash OBJECT IDENTIFIER ::= { 2.23.140.1.31 }<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>TorServiceDescriptorHash:: = SEQUENCE { <o:p></o:p></span></p><p class=MsoNormal style='text-indent:.5in'><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>algorithm                        AlgorithmIdentifier<o:p></o:p></span></p><p class=MsoNormal style='text-indent:.5in'><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>subjectPublicKeyHash   BIT STRING              }<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;line-height:105%;font-family:"Arial",sans-serif'>Where the AlgorithmIdentifier is a hashing algorithm (defined in RFC 6234) performed over the raw Public Key of the .onion service and SubjectPublicKeyHash is the value of the hash output of the raw Public Key.<o:p></o:p></span></p><p class=line874 style='background:white'><span style='font-family:"Arial",sans-serif'>--Motion Ends--<i><o:p></o:p></i></span></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>