<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:"Trebuchet MS";
        panose-1:2 11 6 3 2 2 2 2 2 4;}
@font-face
        {font-family:trebuchet;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
        {mso-style-name:msonormal;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
p.m-1167569698070291640line867, li.m-1167569698070291640line867, div.m-1167569698070291640line867
        {mso-style-name:m_-1167569698070291640line867;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
p.m-1167569698070291640line874, li.m-1167569698070291640line874, div.m-1167569698070291640line874
        {mso-style-name:m_-1167569698070291640line874;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
p.m-1167569698070291640line862, li.m-1167569698070291640line862, div.m-1167569698070291640line862
        {mso-style-name:m_-1167569698070291640line862;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
p.m-1167569698070291640line891, li.m-1167569698070291640line891, div.m-1167569698070291640line891
        {mso-style-name:m_-1167569698070291640line891;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
span.m-1167569698070291640anchor
        {mso-style-name:m_-1167569698070291640anchor;}
span.EmailStyle23
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:#1F497D;}
span.EmailStyle27
        {mso-style-type:personal-reply;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:58407119;
        mso-list-template-ids:1356088718;}
@list l0:level1
        {mso-level-start-at:2;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1
        {mso-list-id:111438550;
        mso-list-template-ids:-565255054;}
@list l1:level1
        {mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level2
        {mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level3
        {mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level4
        {mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level5
        {mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level6
        {mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level7
        {mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level8
        {mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level9
        {mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2
        {mso-list-id:456065817;
        mso-list-template-ids:420915670;}
@list l2:level1
        {mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2:level2
        {mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2:level3
        {mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2:level4
        {mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2:level5
        {mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2:level6
        {mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2:level7
        {mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2:level8
        {mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l2:level9
        {mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3
        {mso-list-id:994453212;
        mso-list-template-ids:-251500852;}
@list l3:level1
        {mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3:level2
        {mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3:level3
        {mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3:level4
        {mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3:level5
        {mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3:level6
        {mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3:level7
        {mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3:level8
        {mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l3:level9
        {mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l4
        {mso-list-id:1411657931;
        mso-list-template-ids:343066074;}
@list l4:level1
        {mso-level-start-at:2;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l5
        {mso-list-id:2000885178;
        mso-list-template-ids:1652954778;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Might as well fix all the audit references while we’re at it …<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>-Tim<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> Public [mailto:public-bounces@cabforum.org] <b>On Behalf Of </b>Jeff Ward via Public<br><b>Sent:</b> Thursday, April 19, 2018 9:34 AM<br><b>To:</b> Ryan Sleevi <sleevi@google.com>; CA/Browser Forum Public Discussion List <public@cabforum.org>; Dimitris Zacharopoulos <jimmy@it.auth.gr><br><b>Subject:</b> Re: [cabfpub] Ballot proposal - Update Section 8.4 for CA audit criteria<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Not sure if it matters a great deal, but the reference to WebTrust for CA should be version 2.1, not 2.0.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Trebuchet MS",sans-serif;color:#404040'>Jeff Ward, CPA, CGMA, CITP, CISA, CISSP, CEH</span></b><span style='font-size:10.0pt;font-family:"Trebuchet MS",sans-serif;color:#404040'><br>Office Managing Partner & National Leader Third Party Attestation (SOC/WebTrust/Cybersecurity)<br>314-889-1220 (Direct)    347-1220 (Internal)<br>314-889-1221 (Fax)</span><span style='color:#1F497D'><br></span><span style='font-size:10.0pt;font-family:"Trebuchet MS",sans-serif;color:#ED1A3B'><a href="mailto:jward@bdo.com"><span style='color:#ED1A3B'>jward@bdo.com</span></a></span><span style='color:#1F497D'><br><br></span><b><span style='font-size:10.0pt;font-family:"Trebuchet MS",sans-serif;color:#404040'>BDO</span></b><span style='color:#1F497D'><br></span><span style='font-size:10.0pt;font-family:"Trebuchet MS",sans-serif;color:#404040'>101 S Hanley Rd, Suite 800<br>St. Louis, MO 63105 <br>UNITED STATES<br>314-889-1100</span><span style='color:#1F497D'><br></span><u><span style='font-size:10.0pt;font-family:"Trebuchet MS",sans-serif;color:#ED1A3B'><a href="http://www.bdo.com"><span style='color:#ED1A3B'>www.bdo.com</span></a></span></u><span style='color:#1F497D'><br><br></span><i><span style='font-size:10.0pt;font-family:trebuchet;color:green'>Please consider the environment before printing this e-mail</span></i><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p></o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> Public [<a href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>] <b>On Behalf Of </b>Ryan Sleevi via Public<br><b>Sent:</b> Monday, April 16, 2018 9:21 AM<br><b>To:</b> Dimitris Zacharopoulos <<a href="mailto:jimmy@it.auth.gr">jimmy@it.auth.gr</a>>; CA/Browser Forum Public Discussion List <<a href="mailto:public@cabforum.org">public@cabforum.org</a>><br><b>Subject:</b> Re: [cabfpub] Ballot proposal - Update Section 8.4 for CA audit criteria<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'><em><b><span style='font-size:9.0pt;font-family:"Trebuchet MS",sans-serif;color:mediumslateblue'>Attention: This email was sent from someone outside of BDO USA. Always use caution when opening attachments or clicking links from unknown senders or when receiving unexpected emails.</span></b></em><o:p></o:p></p><div><div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal>On Sun, Apr 15, 2018 at 2:18 AM, Dimitris Zacharopoulos via Public <<a href="mailto:public@cabforum.org" target="_blank">public@cabforum.org</a>> wrote:<o:p></o:p></p><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt'><div><p class=MsoNormal style='margin-bottom:12.0pt'><br>I am looking for two endorsers for the following ballot.<br><br>Dimitris.<o:p></o:p></p><p class=m-1167569698070291640line867><strong>Ballot XXX - Update Section 8.4 for CA audit criteria</strong> <o:p></o:p></p><p class=m-1167569698070291640line874>The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by ___ and ___<o:p></o:p></p><p class=m-1167569698070291640line867><strong>Background</strong>: <o:p></o:p></p><p class=m-1167569698070291640line874>Section 8.4 of the Baseline Requirements describes the audit criteria for CAs that issue Publicly-Trusted SSL/TLS Certificates. This ballot attempts to achieve two things: <o:p></o:p></p><ol start=1 type=1><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo3'>Remove the old ETSI TS documents <o:p></o:p></li><li class=m-1167569698070291640line862 style='mso-list:l2 level1 lfo3'>Align the <a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust&data=02%7C01%7Cjward%40bdo.com%7Cefc0815200a54f92dbf908d5a3a571a5%7C6e57fc1a413e405091da7d2dc8543e3c%7C0%7C0%7C636594853327607164&sdata=8xxyL5y4ru1ryYPo35ybbZcRfoYyoFJqbSNpNNqgDZE%3D&reserved=0" target="_blank">WebTrust</a> and ETSI requirements <o:p></o:p></li></ol><p class=m-1167569698070291640line862>"<a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust&data=02%7C01%7Cjward%40bdo.com%7Cefc0815200a54f92dbf908d5a3a571a5%7C6e57fc1a413e405091da7d2dc8543e3c%7C0%7C0%7C636594853327607164&sdata=8xxyL5y4ru1ryYPo35ybbZcRfoYyoFJqbSNpNNqgDZE%3D&reserved=0" target="_blank">WebTrust</a> for Certification Authorities" is equivalent to "ETSI EN 319 401" and "<a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust&data=02%7C01%7Cjward%40bdo.com%7Cefc0815200a54f92dbf908d5a3a571a5%7C6e57fc1a413e405091da7d2dc8543e3c%7C0%7C0%7C636594853327607164&sdata=8xxyL5y4ru1ryYPo35ybbZcRfoYyoFJqbSNpNNqgDZE%3D&reserved=0" target="_blank">WebTrust</a> Principles and Criteria for Certification Authorities – SSL Baseline with Network Security" is the equivalent of "ETSI EN 319 411-1". <o:p></o:p></p><p class=m-1167569698070291640line867><strong>-- MOTION BEGINS --</strong> <o:p></o:p></p><p class=m-1167569698070291640line874>Replace the first two numbered items in section 8.4 of the Baseline Requirements from: <o:p></o:p></p><ol start=1 type=1><li class=m-1167569698070291640line891 style='mso-list:l1 level1 lfo5'><a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust&data=02%7C01%7Cjward%40bdo.com%7Cefc0815200a54f92dbf908d5a3a571a5%7C6e57fc1a413e405091da7d2dc8543e3c%7C0%7C0%7C636594853327607164&sdata=8xxyL5y4ru1ryYPo35ybbZcRfoYyoFJqbSNpNNqgDZE%3D&reserved=0" target="_blank">WebTrust</a> for Certification Authorities v2.0; <o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo5'>A national scheme that audits conformance to ETSI TS 102 042 / ETSI EN 319 411-1; or <o:p></o:p></li></ol><p class=m-1167569698070291640line874>to: <o:p></o:p></p><ol start=1 type=1><li class=m-1167569698070291640line891 style='mso-list:l3 level1 lfo8'><a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust&data=02%7C01%7Cjward%40bdo.com%7Cefc0815200a54f92dbf908d5a3a571a5%7C6e57fc1a413e405091da7d2dc8543e3c%7C0%7C0%7C636594853327763420&sdata=nF1OV4mtZ2VQF6ucGxisGOgndqhfDJYULFK4ZGNpOr4%3D&reserved=0" target="_blank">WebTrust</a> Principles and Criteria for Certification Authorities – SSL Baseline with Network Security; <o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo8'>A national scheme that audits conformance to ETSI EN 319 411-1; or<o:p></o:p></li></ol></div></blockquote><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>As noted several times that this has come up in the past, your proposed change to #1 is meaningfully and substantially different than what is currently required. You are proposing *changing* the audit scheme to a more restrictive set. That's something in the past that browsers have objected to, and for good reason.<o:p></o:p></p></div></div></div></div></div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><br><br></span><em><b><span style='font-size:10.0pt;font-family:"Calibri",sans-serif;color:black'>BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms. </span></b></em><b><i><span style='font-size:10.0pt;font-family:"Calibri",sans-serif;color:black'><br><br><em><span style='font-family:"Calibri",sans-serif'>BDO is the brand name for the BDO network and for each of the BDO Member Firms.</span></em><br><br><em><span style='font-family:"Calibri",sans-serif'>IMPORTANT NOTICES</span></em><br><br><em><span style='font-family:"Calibri",sans-serif'>The contents of this email and any attachments to it may contain privileged and confidential information from BDO USA, LLP. This information is only for the viewing or use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO USA, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies hereof. If you have received this e-mail in error, please notify BDO USA, LLP by e-mail immediately.</span></em></span></i></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div></div></body></html>