<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
Tim also mentioned
(<a class="moz-txt-link-freetext" href="https://cabforum.org/pipermail/public/2018-March/013076.html">https://cabforum.org/pipermail/public/2018-March/013076.html</a>) that
you would need to post a new version, even with no changes (this was
a bit odd but it's the rules :). Your e-mail on March 14th clearly
indicates a v2 but I'm having a little trouble following the
discussion dates mentioned in your previous posts. On March 14th,
you indicate that the discussion period ends on March 23rd. In
today's message, you indicate that the discussion period ends
tomorrow (April 3rd) and then we vote. It seems a bit strange to
what we've seen in the past :)<br>
<br>
<br>
Thanks,<br>
Dimitris.<br>
<br>
<div class="moz-cite-prefix">On 2/4/2018 5:31 μμ, Corey Bonnell
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:880EE7B7-C7E9-49B3-A62C-2D2F80BDE849@trustwave.com">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Yu Mincho";
panose-1:2 2 4 0 0 0 0 0 0 0;}
@font-face
{font-family:"\@Yu Mincho";}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
<div class="WordSection1">
<p class="MsoNormal">Hi Dimitris,<o:p></o:p></p>
<p class="MsoNormal">From v1.8 of the Bylaws, section 2.3.c:
“The ballot automatically fails if 21 calendar days elapse
since the proposer last posted a version of the ballot and the
voting period has not been started.”<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I last posted a version of the ballot on
March 14th (<a
href="https://cabforum.org/pipermail/public/2018-March/013086.html"
moz-do-not-send="true">https://cabforum.org/pipermail/public/2018-March/013086.html</a>),
which is less than 21 calendar days ago. Given that, I do not
believe this ballot has expired.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
<p class="MsoNormal">Corey<sup><o:p></o:p></sup></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:12.0pt;color:black">From: </span></b><span
style="font-size:12.0pt;color:black">Dimitris
Zacharopoulos <a class="moz-txt-link-rfc2396E" href="mailto:jimmy@it.auth.gr"><jimmy@it.auth.gr></a><br>
<b>Date: </b>Monday, April 2, 2018 at 10:23 AM<br>
<b>To: </b>Corey Bonnell <a class="moz-txt-link-rfc2396E" href="mailto:CBonnell@trustwave.com"><CBonnell@trustwave.com></a>,
CA/Browser Forum Public Discussion List
<a class="moz-txt-link-rfc2396E" href="mailto:public@cabforum.org"><public@cabforum.org></a><br>
<b>Subject: </b>Re: [cabfpub] Discussion Period to
End/Voting to Begin on Ballot 219 v2: Clarify handling of
CAA Record Sets with no "issue"/"issuewild" property tag<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Hello Corey,<br>
<br>
I'm afraid you've passed the 21 days from first introduction
and according to the Bylaws (section 2.3 c) the ballot
automatically fails. I think this is actually the first time
we have this situation so I would like at least another member
to confirm or correct my interpretation.<br>
<br>
If I am correct, you should pick a new ballot number and send
a new ballot to start the 7-day (minimum) discussion period.
If you are certain that you will not need more than 7 days for
discussion, you could indicate that the voting period begins
exactly after the 7-days discussion.<br>
<br>
<br>
Best Regards,<br>
Dimitris.<o:p></o:p></p>
<div>
<p class="MsoNormal">On 2/4/2018 4:52 μμ, Corey Bonnell via
Public wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal">Hello, <o:p></o:p></p>
<p class="MsoNormal"><a name="_MailOriginalBody"
moz-do-not-send="true">IETF 101 has transpired two weeks
ago and erratum 5244 (</a><a
href="https://scanmail.trustwave.com/?c=4062&d=-7zC2mLoCEj_NneVHp-V3QEqSUXMX5Za_nt1gdSZOA&s=5&u=https%3a%2f%2fwww%2erfc-editor%2eorg%2ferrata%2feid5244"
moz-do-not-send="true"><span
style="mso-bookmark:_MailOriginalBody">https://www.rfc-editor.org/errata/eid5244</span><span
style="mso-bookmark:_MailOriginalBody"></span></a><span
style="mso-bookmark:_MailOriginalBody">) was discussed.
There is acknowledgement by the RFC 6844-bis author that
the wording will be clarified in the next version of the
RFC (<span style="color:black">see Jacob Hoffman-Andrews’s
acknowledgement at </span></span><a
href="https://scanmail.trustwave.com/?c=4062&d=-7zC2mLoCEj_NneVHp-V3QEqSUXMX5Za_nkii4fEOg&s=5&u=https%3a%2f%2fclicktime%2esymantec%2ecom%2fa%2f1%2fuUwicKB8-pbHUWekhZLLnL1-iQ4iv8xW0naYU8AFGIw%3d%3fd%3dq3oyNowL2aeaPqmICQ6FILMGQnUfIOKUv5cXNx7atOigOD%5fQT40kd5gytm1HYEMEC5lPaH7h2Z8%5frmod645WTM4RcJ0f2NjDMvKUaPdN%5fNMSYIvaHstwmn7QNVmPT8lyOMUi--ogk2eOrlGGaWrMS9A6FiBImZuZ3OPHhoEWrCgKUUWTwngjo-SM%5fS3gSUr8NNNN2zTX2c2EHeYXnHvU5FgDJofsezIeuOxr2iYXJMYqQCCKHEq-m5mX66RT-wjoereyGuNb5VjIn9QGZuB-ds1QFnrLQKdMRrxIaIiDLgSqSlkfUqIU1BzVD-AaoO8sTJlufu3%5f0hW6KIgY5aKiDcHcgZZQSZwNjiazIwVkAGQeel0RrA%3d%3d%26u%3dhttps%3a%2f%2fwww%2eietf%2eorg%2fmail-archive%2fweb%2fspasm%2fcurrent%2fmsg01203%2ehtml"
moz-do-not-send="true"><span
style="mso-bookmark:_MailOriginalBody"><span
style="color:#954F72">https://www.ietf.org/mail-archive/web/spasm/current/msg01203.html</span></span><span
style="mso-bookmark:_MailOriginalBody"></span></a><span
style="mso-bookmark:_MailOriginalBody"><span
style="color:black"> and my response at </span></span><a
href="https://scanmail.trustwave.com/?c=4062&d=-7zC2mLoCEj_NneVHp-V3QEqSUXMX5Za_n1w0YWfYQ&s=5&u=https%3a%2f%2fclicktime%2esymantec%2ecom%2fa%2f1%2f8ZBAp3FOCf908ne78Zhxwn40HD9hrc0H9QE-w1fF6oI%3d%3fd%3dq3oyNowL2aeaPqmICQ6FILMGQnUfIOKUv5cXNx7atOigOD%5fQT40kd5gytm1HYEMEC5lPaH7h2Z8%5frmod645WTM4RcJ0f2NjDMvKUaPdN%5fNMSYIvaHstwmn7QNVmPT8lyOMUi--ogk2eOrlGGaWrMS9A6FiBImZuZ3OPHhoEWrCgKUUWTwngjo-SM%5fS3gSUr8NNNN2zTX2c2EHeYXnHvU5FgDJofsezIeuOxr2iYXJMYqQCCKHEq-m5mX66RT-wjoereyGuNb5VjIn9QGZuB-ds1QFnrLQKdMRrxIaIiDLgSqSlkfUqIU1BzVD-AaoO8sTJlufu3%5f0hW6KIgY5aKiDcHcgZZQSZwNjiazIwVkAGQeel0RrA%3d%3d%26u%3dhttps%3a%2f%2fwww%2eietf%2eorg%2fmail-archive%2fweb%2fspasm%2fcurrent%2fmsg01206%2ehtml"
moz-do-not-send="true"><span
style="mso-bookmark:_MailOriginalBody"><span
style="color:#954F72">https://www.ietf.org/mail-archive/web/spasm/current/msg01206.html</span></span><span
style="mso-bookmark:_MailOriginalBody"></span></a><span
style="mso-bookmark:_MailOriginalBody"><span
style="color:black">). However, there is still no
indication that the erratum state will change to “Held
for Document Update” or “Approved” anytime soon.</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="color:black"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="color:black">We believe that the acknowledgement
from the RFC author to fix this in the next version of
the RFC is a sufficient surrogate to getting the erratum
state changed. Waiting for the erratum state to change
is merely red-tape in the process. As such, we intend to
proceed with the ballot in its current form by closing
the Discussion Period on Ballot 219 and begin voting
tomorrow evening (UTC time).
</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody">Thanks,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody">Corey<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">Ballot
219 v2: Clarify handling of CAA Record Sets with no
"issue"/"issuewild" property tag</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">Purpose
of this ballot:</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">RFC
6844 contains an ambiguity in regard to the correct
processing of a non-empty CAA Resource Record Set that
does not contain any issue property tag (and also does
not contain any issuewild property tag in the case of a
Wildcard Domain Name). It is ambiguous if a CA must not
issue when such a CAA Resource Record Set is
encountered, or if such a Resource Record Set is
implicit permission to issue.</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">Given
that the intent of the RFC is clear (such a CAA Resource
Record Set is implicit permission to issue), we are
proposing the following change to allow for CAA
processing consistent with the intent of the RFC.</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">The
following motion has been proposed by Corey Bonnell of
Trustwave and endorsed by Tim Hollebeek of Digicert and
Mads Egil Henriksveen of Buypass.</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">--
MOTION BEGINS --</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">This
ballot modifies the “Baseline Requirements for the
Issuance and Management of Publicly-Trusted
Certificates” as follows, based upon Version 1.5.6:</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">In
section 3.2.2.8, add this sentence:</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">CAs
MAY treat a non-empty CAA Resource Record Set that does
not contain any issue property tags (and also does not
contain any issuewild property tags when performing CAA
processing for a Wildcard Domain Name) as permission to
issue, provided that no records in the CAA Resource
Record Set otherwise prohibit issuance<span
style="color:black">.</span></span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">to
the end of this paragraph:</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">When
processing CAA records, CAs MUST process the issue,
issuewild, and iodef property tags as specified in RFC
6844, although they are not required to act on the
contents of the iodef property tag. Additional property
tags MAY be supported, but MUST NOT conflict with or
supersede the mandatory property tags set out in this
document. CAs MUST respect the critical flag and not
issue a certificate if they encounter an unrecognized
property with this flag set.</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif">--
MOTION ENDS –</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-family:"Times New Roman",serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody">The procedure for
approval of this ballot is as follows:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody">Discussion (7+
days)
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> Start Time:
2018-03-07 19:00:00 UTC
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> End Time:
2018-04-03 19:00:00 UTC<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody">Vote for approval
(7 days)
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> Start Time:
2018-04-03 19:00:00 UTC<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> End Time:
2018-04-10 19:00:00 UTC<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"> <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-size:10.5pt;color:black"> </span><o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><b><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#428FC5">Corey
Bonnell</span></b><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:gray">Senior
Software Engineer</span><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:gray">t:
+1 412.395.2233</span><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-size:10.5pt;color:black"> </span><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><b><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#428FC5">Trustwave</span></b></span><span
style="mso-bookmark:_MailOriginalBody"><b><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:gray"> </span></b></span><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:gray">| SMART
SECURITY ON DEMAND</span></span><a
href="http://www.trustwave.com/" moz-do-not-send="true"><span
style="mso-bookmark:_MailOriginalBody"><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:gray;text-decoration:none"><br>
www.trustwave.com</span></span><span
style="mso-bookmark:_MailOriginalBody"></span></a><span
style="mso-bookmark:_MailOriginalBody"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><br>
<br>
<br>
<o:p></o:p></span></p>
<pre><span style="mso-bookmark:_MailOriginalBody">_______________________________________________<o:p></o:p></span></pre>
<pre><span style="mso-bookmark:_MailOriginalBody">Public mailing list<o:p></o:p></span></pre>
<pre><span style="mso-bookmark:_MailOriginalBody"></span><a href="mailto:Public@cabforum.org" moz-do-not-send="true"><span style="mso-bookmark:_MailOriginalBody">Public@cabforum.org</span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody"><o:p></o:p></span></pre>
<pre><span style="mso-bookmark:_MailOriginalBody"></span><a href="https://scanmail.trustwave.com/?c=4062&d=-7zC2mLoCEj_NneVHp-V3QEqSUXMX5Za_ihz19TKaQ&s=5&u=https%3a%2f%2fcabforum%2eorg%2fmailman%2flistinfo%2fpublic" moz-do-not-send="true"><span style="mso-bookmark:_MailOriginalBody">https://cabforum.org/mailman/listinfo/public</span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody"><o:p></o:p></span></pre>
</blockquote>
<p class="MsoNormal"><span
style="mso-bookmark:_MailOriginalBody"><br>
<br>
</span><o:p></o:p></p>
</div>
</blockquote>
<br>
</body>
</html>