<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:"Calibri Light";
        panose-1:2 15 3 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;
        color:black;}
h3
        {mso-style-priority:9;
        mso-style-link:"Heading 3 Char";
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:13.5pt;
        font-family:"Times New Roman",serif;
        color:black;}
h4
        {mso-style-priority:9;
        mso-style-link:"Heading 4 Char";
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;
        color:black;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:#0563C1;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:#954F72;
        text-decoration:underline;}
span.Heading3Char
        {mso-style-name:"Heading 3 Char";
        mso-style-priority:9;
        mso-style-link:"Heading 3";
        font-family:"Calibri Light",sans-serif;
        color:#1F4D78;}
span.Heading4Char
        {mso-style-name:"Heading 4 Char";
        mso-style-priority:9;
        mso-style-link:"Heading 4";
        font-family:"Calibri Light",sans-serif;
        color:#2E74B5;
        font-style:italic;}
p.msonormal0, li.msonormal0, div.msonormal0
        {mso-style-name:msonormal;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
p.line874, li.line874, div.line874
        {mso-style-name:line874;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;
        color:black;}
p.line891, li.line891, div.line891
        {mso-style-name:line891;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;
        color:black;}
p.line862, li.line862, div.line862
        {mso-style-name:line862;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;
        color:black;}
span.anchor
        {mso-style-name:anchor;}
span.EmailStyle24
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:#1F497D;}
span.EmailStyle26
        {mso-style-type:personal-reply;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white lang=EN-US link="#0563C1" vlink="#954F72"><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'>DigiCert votes “YES” on Ballot SC10.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'>-Tim<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'><o:p> </o:p></span></p><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'> Public <public-bounces@cabforum.org> <b>On Behalf Of </b>Kirk Hall via Public<br><b>Sent:</b> Thursday, September 27, 2018 5:26 PM<br><b>To:</b> CABFPub <public@cabforum.org><br><b>Subject:</b> [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'>Voting ends on 4 October 2018 at 22:00 UTC.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'> Servercert-wg [mailto:servercert-wg-bounces@cabforum.org] <b>On Behalf Of </b>Dimitris Zacharopoulos via Servercert-wg<br><b>Sent:</b> Thursday, September 20, 2018 9:02 AM<br><b>To:</b> CA/B Forum Server Certificate WG Public Discussion List <servercert-wg@cabforum.org><br><b>Subject:</b> [Servercert-wg] Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG<o:p></o:p></span></p></div></div><h3><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext'>Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG</span><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p></o:p></span></h3><h3><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></h3><h3><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>P</span><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>urpose of Ballot <o:p></o:p></span></h3><p class=MsoNormal style='mso-margin-top-alt:auto'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The Network Security Working Group of the CA/Browser Forum expired on June 19, 2018 under the terms of Ballot 203 which established the Working Group. The Server Certificate Working Group wishes to establish a Network Security Subcommittee pursuant to Bylaws 5.3.1(e).<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.</span><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto'><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>--- MOTION BEGINS ---</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The Server Certificate Working Group hereby establishes the <b>Network Security Subcommittee</b> as an official Subcommittee.<br><br><b>1. Mission: </b>To improve security policies and practices for Certificate Management Systems encoded in the guidelines maintained by the SCWG. <o:p></o:p></span></p><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><br>2. End Date: </span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>This Subcommittee shall continue until it is dissolved by a vote of the SCWG<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>3. Deliverables: </span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The Network Security Subcommittee shall propose ballots to the SCWG to improve the minimal security standards within the mission defined above This includes modifying the existing Network and Certificate System Security Requirements (NCSSR) or to create new requirements, guidelines, or best practices. Among other activities, the Network Security Subcommittee shall perform security analysis on typical CA Management Systems offering options to the Server Certificate Working Group for establishing minimal security standards. Risk analysis will also be used to provide a better understanding of threats and vulnerabilities in Certificate Management Systems. This process can be used to provide better reasoning and justification of existing or future security guidelines.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;text-autospace:none'><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>4. Participation: </span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Any member of the SCWG is eligible and may declare their participation in the Network Security Subcommittee by requesting to be added to the mailing list. <o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>5. Chair: </span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Ben Wilson<b> </b>shall be the initial Chair of the Network Security Subcommittee.  The Subcommittee may change its Chair from time to time by consensus of the Members participating in the Subcommittee or by voting method chosen by the Members by consensus.  <o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>6. Communication: </span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Subcommittee communications and documents shall be posted on mailing-lists where the mail-archives are publicly accessible, and the Subcommittee shall publish minutes of its meetings.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: </span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>In the event the SCWG Charter or the Forum Bylaws is amended to add general rules governing Chartered Working Group Subcommittees and how they operate (“General Rules”), the provisions of the General Rules shall take precedence over this charter.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>--- MOTION ENDS ---</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The procedure for approval of this ballot is as follows: <o:p></o:p></span></p><table class=MsoNormalTable border=1 cellspacing=3 cellpadding=0 style='border:outset 1.5pt'><tr><td style='padding:.75pt .75pt .75pt .75pt;background-color:&quot;&quot"'><p class=MsoNormal><strong><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG</span></strong><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p></o:p></span></p></td><td style='padding:0in 0in 0in 0in'><p class=line891><strong><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Start time (22:00 UTC)</span></strong><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p></td><td style='padding:0in 0in 0in 0in'><p class=line891><strong><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>End time (22:00 UTC)</span></strong><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p></td></tr><tr><td style='padding:.75pt .75pt .75pt .75pt'><p class=line862><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Discussion (7 days) <o:p></o:p></span></p></td><td style='padding:0in 0in 0in 0in'><p class=line862><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>20 September 2018 <o:p></o:p></span></p></td><td style='padding:0in 0in 0in 0in'><p class=line862><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>27 September 2018 <o:p></o:p></span></p></td></tr><tr><td style='padding:.75pt .75pt .75pt .75pt'><p class=line862><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Vote for approval (7 days) <o:p></o:p></span></p></td><td style='padding:0in 0in 0in 0in'><p class=line862><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>27 September 2018 <o:p></o:p></span></p></td><td style='padding:0in 0in 0in 0in'><p class=line862><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>4 October 2018 <o:p></o:p></span></p></td></tr></table><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>  <o:p></o:p></span></p><h3 style='margin-bottom:0in;margin-bottom:.0001pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Additional Information (not part of Ballot)<o:p></o:p></span></h3><p class=MsoNormal style='mso-margin-top-alt:auto'><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Bylaws v1.9</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p></o:p></span></p><h4 style='margin-bottom:0in;margin-bottom:.0001pt'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>5.3.1 Formation of Chartered Working Groups<o:p></o:p></span></h4><p class=MsoNormal style='mso-margin-top-alt:auto;text-autospace:none'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>(e) CWGs may establish any number of subcommittees within its own Working Group to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created Subcommittee needs to be approved by the CWG itself according to the approval process set forth in the CWG charter, but approval of the Forum is not necessary. Subcommittees must exist under an approved CWG.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;text-autospace:none'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><strong><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Ballot 203: Formation of Network Security Working Group (v2)</span></strong><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Purpose of Ballot: To form a Network Security Working Group to re-evaluate the CAB Forum's Network Security Guidelines.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line862 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The following motion has been proposed by Gervase Markham of Mozilla and endorsed by Jeremy Rowley of <span style='border:none windowtext 1.0pt;padding:0in'>DigiCert</span> and Moudrick Dadashov of SSC:<o:p></o:p></span></p><p class=line862 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>-- MOTION BEGINS –<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a new Working Group requires a ballot. This ballot charters the Network Security Working Group.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The CAB Forum's Network Security Guidelines were adopted in August 2012 but have not been updated since. Significant doubts have been raised as to their fitness for purpose in 2017. Therefore, the Working Group’s charter will be as follows:<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Scope<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>1. Consider options for revising, replacing or scrapping the Network Security Guidelines.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Deliverables<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>1. A report with one or more proposals for the future of the Network Security Guidelines.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>2. For proposals involving replacement, details of the availability and applicability of the proposed alternative, and what modifications if any would be needed to it in order to make it suitable for use.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>3. For proposals involving revision, details of the revisions that are deemed necessary and how the document will be kept current in the future.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>4. For proposals involving scrapping, an explanation of why this is preferable to either of the other two options.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>5. If there are multiple proposals, optionally a recommendation as to which one to pursue and an associated timeline.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>6. A form of ballot or ballots to implement any recommendations.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Expiry<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The Working Group shall expire once the deliverables have been completed, or on 2018-06-19, whichever happens first. The expiry date given above shall be automatically postponed by 1 year on 2018-05-19 ("postponement date") and each anniversary of the postponement date thereafter unless three or more members separately or jointly request on the Public Mail List, within one month prior to a particular postponement date, that expiry of this Working Group not be postponed in that instance.<o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=line874 style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>-- MOTION ENDS --<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p></div></div></body></html>