<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>SSL.com votes YES on Ballot <span class="gmail-il">SC30v2.<br>
<br>
</span></p>
<div class="moz-cite-prefix">On 7/6/2020 9:20 AM, Ryan Sleevi via
Servercert-wg wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CACvaWvaUk=bms4YmLbToy-tYSrkXvX0escZSZm5R0o4ZP1eWwA@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div style="color:rgb(0,0,0)">This begins the voting period for
Ballot <span class="gmail-il">SC30v2</span>: Disclosure of
Registration / Incorporating Agency</div>
<div style="color:rgb(0,0,0)"><br>
</div>
<b style="color:rgb(0,0,0)">Purpose of Ballot:<br>
</b><br style="color:rgb(0,0,0)">
<span style="color:rgb(0,0,0)">The EV Guidelines aim to ensure a
consistent and repeatable level of validation for
certificates, regardless of the CA performing the validation,
providing Relying Parties consistency for all certificates
complying with these Guidelines. Although the Guidelines
attempt to specify objective requirements, areas remain that
rely on a subjective determination by the CA. One such area is
determining whether a given Incorporating Agency or
Registration Agency fulfills these Requirements.</span><br
style="color:rgb(0,0,0)">
<br style="color:rgb(0,0,0)">
<span style="color:rgb(0,0,0)">As currently specified, it's
possible for one CA to make a determination that a given
Registration Agency or Incorporating Agency does meet the
requirements of the EV Guidelines, while a different CA
determines that same Agency does not. As the reliability of
the information validated within the Certificate is tied to
the reliability of the data source used to verify this
information, this inconsistency undermines the assurance that
EV Certificates are meant to provide.</span><br
style="color:rgb(0,0,0)">
<br style="color:rgb(0,0,0)">
<span style="color:rgb(0,0,0)">While there is utility in being
able to identify precisely what datasource(s) were used with a
given Certificate, this ballot does not involve such work. It
merely seeks to ensure that, for any given Organization, it
can be validated consistently and to the same degree,
regardless of the CA, by working to achieve consistency among
all CAs in their selection of data sources.</span><br
style="color:rgb(0,0,0)">
<br style="color:rgb(0,0,0)">
<span style="color:rgb(0,0,0)">Much like the work to remove “Any
other method” from the validation of domain names, ensuring
consistency, transparency, and objectivity in validating
domain names, this ballot is the first step to doing the same
for organization information.</span><br
style="color:rgb(0,0,0)">
<br style="color:rgb(0,0,0)">
<span style="color:rgb(0,0,0)">A potential roadmap of ballots to
to address these issues involves:</span><br
style="color:rgb(0,0,0)">
<br style="color:rgb(0,0,0)">
<ul style="color:rgb(0,0,0)">
<li style="margin-left:15px">CAs publish the list of
Registration Agencies / Incorporating Agencies they use
(this ballot)</li>
<li style="margin-left:15px">Create an allowed list of
Registration Agencies / Incorporating Agencies and
associated values, along with a process for updating and
adding new ones, and requiring issuance exclusively use
Agencies on this list.</li>
<li style="margin-left:15px">If useful and relevant to Relying
Parties, ensure each Certificate can be tied back to their
Registration Agency / Incorporating Agency, such as
disclosure within the Certificate itself, so they can
unambiguously and uniquely determine the organization that
has been validated.</li>
</ul>
<div style="color:rgb(0,0,0)"><br>
</div>
<span style="color:rgb(0,0,0)">A similar process may then be
repeated for other forms of verification data sources, such as
the QIIS, QTIS, and QGIS within the EV Guidelines, or the
Reliable Data Sources within the Baseline Requirements.</span><br
style="color:rgb(0,0,0)">
<br style="color:rgb(0,0,0)">
<span style="color:rgb(0,0,0)">This was originally drafted in </span><a
href="https://github.com/sleevi/cabforum-docs/pull/11"
target="_blank" moz-do-not-send="true">https://github.com/sleevi/cabforum-docs/pull/11</a><span
style="color:rgb(0,0,0)"> , and as a pull request is available
at </span><a
href="https://github.com/cabforum/documents/pull/194"
target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/pull/194</a><br
style="color:rgb(0,0,0)">
<br style="color:rgb(0,0,0)">
<span style="color:rgb(0,0,0)">The difference between v1 of this
ballot and v2 has been to modify the language to be clearer
for those where English is not the first/primary language. The
redline between v1 and v2 is available at </span><a
href="https://github.com/cabforum/documents/pull/194/commits/4e8f16f16bf7ec92d9509976e843099091e4b5b7"
target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/pull/194/commits/4e8f16f16bf7ec92d9509976e843099091e4b5b7</a><br
style="color:rgb(0,0,0)">
<br style="color:rgb(0,0,0)">
<span style="color:rgb(0,0,0)">The following motion has been
proposed by Ryan Sleevi of Google and endorsed by Ben Wilson
of Mozilla and Dimitris Zacharopoulos of HARICA.</span>
<div style="color:rgb(0,0,0)"><br>
<b>— MOTION BEGINS —</b><br>
<br>
This ballot modifies the “Guidelines for the Issuance and
Management of Extended Validation Certificates” (“EV
Guidelines”) as follows, based on version 1.7.2:<br>
<br>
ADD a paragraph to Section 9.2.4 of the EV Guidelines as
defined in the following redline: <a
href="https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09..4e8f16f16bf7ec92d9509976e843099091e4b5b7"
target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09..4e8f16f16bf7ec92d9509976e843099091e4b5b7</a><br>
<br>
ADD a paragraph to Section 9.2.5 of the EV Guidelines as
defined in the following redline: <a
href="https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09..4e8f16f16bf7ec92d9509976e843099091e4b5b7"
target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09..4e8f16f16bf7ec92d9509976e843099091e4b5b7</a><br>
<br>
ADD a Section 11.1.3 to the EV Guidelines as defined in the
following redline: <a
href="https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09..4e8f16f16bf7ec92d9509976e843099091e4b5b7"
target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09..4e8f16f16bf7ec92d9509976e843099091e4b5b7</a><br>
<br>
The Chair or Vice-Chair is permitted to update the Relevant
Dates of the EV Guidelines as appropriate, such as in the
following redline: <a
href="https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09..4e8f16f16bf7ec92d9509976e843099091e4b5b7"
target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09..4e8f16f16bf7ec92d9509976e843099091e4b5b7</a><br>
<br>
<b>— MOTION ENDS —</b><br>
<br>
This ballot proposes a Final Maintenance Guideline.<br>
<br>
The procedure for approval of this ballot is as follows:<br>
<br>
Discussion (7+ days)<br>
Start Time: 26-June 2020 19:00 UTC<br>
End Time: after 4-July 2020 00:00 UTC<br>
<br>
Vote for approval (7 days)<br>
Start Time: 6-July 2020 14:20 UTC<br>
End Time: 13-July 2020 20:00 UTC</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Servercert-wg mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Servercert-wg@cabforum.org">Servercert-wg@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/servercert-wg">https://lists.cabforum.org/mailman/listinfo/servercert-wg</a>
</pre>
</blockquote>
<pre class="moz-signature" cols="72">--
Chris Kemmerer
Manager of Operations
SSL.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~ To find the reefs, look~~~~~~~~
~~~~ for the wrecks. ~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</pre>
</body>
</html>