<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>TrustCor votes YES to Ballot SC41v2.</p>
    <p>Regards,</p>
    <p>Neil<br>
    </p>
    <div class="moz-cite-prefix">On 17/02/2021 22:28, Ryan Sleevi via
      Servercert-wg wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:01000177b21c433f-26c2712e-2cfb-4fa0-8367-56755b494017-000000@email.amazonses.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div dir="ltr">
        <div style="color:rgb(0,0,0)">Hearing no objections or concerns
          during the discussion period for Ballot <span class="gmail-il">SC41v2</span>:
          Reformat the BRs, EVGs, and NCSSRs , the purpose of this mail
          is to signal the start of the VOTING PERIOD.</div>
        <div style="color:rgb(0,0,0)"><br>
        </div>
        <div style="color:rgb(0,0,0)">Bylaws Note: Although this Ballot
          modifies how the documents internally express the Guideline
          version number, it does not explicitly change the value of the
          Guideline version number in a manner that would constitute an
          "update" pursuant to CA/Browser Forum Bylaws 2.3, Section 2.4
          (8). As such, the Chair or Vice-Chair are permitted to make
          changes permitted by that Section as necessary.</div>
        <div style="color:rgb(0,0,0)"><br>
        </div>
        <span style="color:rgb(0,0,0)">Purpose of Ballot:</span><br
          style="color:rgb(0,0,0)">
        <br style="color:rgb(0,0,0)">
        <span style="color:rgb(0,0,0)">This ballot attempts to align the
          Baseline Requirements (BRs), EV Guidelines (EVGs), and the
          Network and Certificate System Security Requirements (NCSSRs)
          to a common format, to allow for the automatic generation of
          final documents without requiring third-party tooling being
          installed locally.</span><br style="color:rgb(0,0,0)">
        <br style="color:rgb(0,0,0)">
        <span style="color:rgb(0,0,0)">It is a continuation of the work
          started in SC26 [1], and is within the work started originally
          by Ballots 154 and 155 [2]. If this ballot succeeds, the
          Server Certificate Working Group will use the
          version-controlled documents in GitHub as the authoritative
          source of requirements, avoiding issues that resulted from
          exchanging various versions of Microsoft Office files via
          e-mail or the Wiki.</span><br style="color:rgb(0,0,0)">
        <br style="color:rgb(0,0,0)">
        <span style="color:rgb(0,0,0)">The following changes are made,
          and are explicitly called out, beyond changes to font/styling</span><br
          style="color:rgb(0,0,0)">
        <ul style="color:rgb(0,0,0)">
          <li style="margin-left:15px">Baseline Requirements</li>
          <ul>
            <li style="margin-left:15px">Formatting issues in Sections
              3.2.2.4.18, 3.2.2.4.19, 4.10.1, 6.1.6, Appendix B are
              resolved (see [3] [4] [5])</li>
            <li style="margin-left:15px">Section 9.6.1 referenced a
              non-existent Section 11.2, which was a bug introduced in
              BRs v1.3.0. This is fixed to the correct section, which is
              7.1.4.2.2. [6]</li>
            <li style="margin-left:15px">Section 3.2.2.4.7 referenced
              Section 3.3.1, rather than the intended Section 4.2.1 [7]</li>
            <li style="margin-left:15px">The BRs consistently
              incorrectly refer to Section 8.1 for audit schemes, when
              the correct reference in Section 8.4 [8]</li>
          </ul>
          <li style="margin-left:15px">Extended Validation Guidelines</li>
          <ul>
            <li style="margin-left:15px">The EVGs are aligned to common
              language when referencing other sections, removing
              variations like “this Section X”, “the Section X of these
              Guidelines”, “Section X herein”, etc. Ambiguity is avoided
              by ensuring these references will also be internal
              document links that are structurally enforced.</li>
          </ul>
          <li style="margin-left:15px">Network and Certificate System
            Security</li>
          <ul>
            <li style="margin-left:15px">The structure is aligned to the
              BRs and EVGs, by listing Scope and Applicability followed
              by Document History and Definitions.</li>
            <li style="margin-left:15px">Section 2, Items (g), (k), and
              (o) and Section 4, Item (c) and (f), have the sub-items
              renumbered to Arabic numerals (1, 2, 3, 4) instead of
              Roman numerals (i, ii, iii, iv), for consistency and to
              avoid ambiguity with I/(i)/i.</li>
          </ul>
        </ul>
        <div style="color:rgb(0,0,0)">This ballot attaches derived
          versions of these documents in PDF and Microsoft Office, as
          produced by these changes. However, these documents are
          INFORMATIVE only, as per the Ballot text, and are provided to
          assist Members in review. For the avoidance of doubt, the
          attached documents do not constitute Ballot Versions, as
          defined within the CA/Browser Forum Bylaws, Section 2.4(1).</div>
        <div style="color:rgb(0,0,0)"><br>
        </div>
        <div style="color:rgb(0,0,0)">If there are any inconsistencies,
          the balloted text redline shall decide the definitive version.
          However, Members are encouraged to raise any such presentation
          issues, to ensure they can be reasonably addressed as part of
          this Ballot.</div>
        <div style="color:rgb(0,0,0)"><br>
        </div>
        <span style="color:rgb(0,0,0)">The following motion has been
          proposed by Ryan Sleevi of Google and endorsed by Ben Wilson
          of Mozilla and Dimitris Zacharopoulos of HARICA.</span>
        <div style="color:rgb(0,0,0)"><br>
        </div>
        <div style="color:rgb(0,0,0)">Version 2 of this Ballot
          introduces language to address potential conflicts with Ballot
          SC39v3, due to modifying the same section of the NCSSRs, as
          well as addresses one small Markdown lint pointed out by Aaron
          Gable of ISRG/Let's Encrypt with respect to fenced code
          blocks.</div>
        <div style="color:rgb(0,0,0)"><br>
        </div>
        <div style="color:rgb(0,0,0)">The comparison between v1 and <span
            class="gmail-il">v2</span> of this ballot is available at
          [9]<br>
          <br>
          [1] <a
href="https://cabforum.org/2020/03/30/ballot-sc26v2-pandoc-friendly-markdown-formatting-changes/"
            target="_blank" moz-do-not-send="true">https://cabforum.org/2020/03/30/ballot-sc26v2-pandoc-friendly-markdown-formatting-changes/</a><br>
          [2] <a
href="https://cabforum.org/2015/11/18/ballots-154-and-155-convert-to-rfc-3647-framework-and-github/"
            target="_blank" moz-do-not-send="true">https://cabforum.org/2015/11/18/ballots-154-and-155-convert-to-rfc-3647-framework-and-github/</a><br>
          [3] <a
            href="https://github.com/cabforum/servercert/issues/230"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert/issues/230</a><br>
          [4] <a
            href="https://github.com/cabforum/servercert/issues/231"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert/issues/231</a><br>
          [5] <a
            href="https://github.com/cabforum/servercert/issues/233"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert/issues/233</a><br>
          [6] <a
            href="https://github.com/cabforum/servercert/issues/237"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert/issues/237</a><br>
          [7] <a
            href="https://github.com/cabforum/servercert/issues/236"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert/issues/236</a><br>
          [8] <a
            href="https://github.com/cabforum/servercert/issues/216"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert/issues/216</a></div>
        <div style="color:rgb(0,0,0)">[9] <a
href="https://github.com/cabforum/servercert/compare/a8a6605a1d37ec9120ee1cc30b725bafa4dd5651..8f0a3b5038ff2911c50741ded594d403ec868803"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert/compare/a8a6605a1d37ec9120ee1cc30b725bafa4dd5651..8f0a3b5038ff2911c50741ded594d403ec868803</a><br>
          <br>
          – MOTION BEGINS –<br>
          <br>
          This ballot modifies the “Baseline Requirements for the
          Issuance and Management of Publicly-Trusted Certificates”
          (“Baseline Requirements”), based on Version 1.7.3:<br>
          <br>
          MODIFY the Baseline Requirements as defined in the following
          redline to BR.md:<br>
          <br>
          <a
href="https://github.com/cabforum/documents/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..8f0a3b5038ff2911c50741ded594d403ec868803"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..8f0a3b5038ff2911c50741ded594d403ec868803</a><br>
          <br>
          This ballot modifies the “Guidelines for the Issuance and
          Management of Extended Validation Certificates” (“EV
          Guidelines”) as follows, based on Version 1.7.4:<br>
          <br>
          MODIFY the EV Guidelines as defined in the following redline
          to EVG.md:<br>
          <br>
          <a
href="https://github.com/cabforum/documents/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..8f0a3b5038ff2911c50741ded594d403ec868803"
            target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..8f0a3b5038ff2911c50741ded594d403ec868803</a><br>
          <br>
          This ballot modifies the “Network and Certificate System
          Security Requirements” (“Network Security Controls”) as
          follows, based on Version 1.5<br>
          <br>
          IF Ballot SC39v3 FAILS to be adopted by the Server Certificate
          Chartered Working Group:<br>
          <ul>
            <li style="margin-left:15px"><font color="#000000">MODIFY
                the Network Security Controls as defined in the
                following redline to NSR.md:<br>
              </font><a
href="https://github.com/cabforum/documents/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..a8a6605a1d37ec9120ee1cc30b725bafa4dd5651"
                target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..a8a6605a1d37ec9120ee1cc30b725bafa4dd5651</a></li>
          </ul>
          <div>IF Ballot SC39v3 SUCCEEDS and is adopted by the Server
            Certificate Chartered Working Group</div>
          <div>
            <ul>
              <li style="margin-left:15px">MODIFY the Network Security
                Controls as defined in the following redline to NSR.md:<br>
                <a
href="https://github.com/cabforum/documents/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..8f0a3b5038ff2911c50741ded594d403ec868803"
                  target="_blank" moz-do-not-send="true">https://github.com/cabforum/documents/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..8f0a3b5038ff2911c50741ded594d403ec868803</a><br>
              </li>
            </ul>
          </div>
          <div>On the successful adoption of this Ballot, the Forum
            shall recognize the CA/Browser Forum Server Certificate
            Chartered Working Group Git repository, as the authoritative
            and canonical source for the Baseline Requirements, EV
            Guidelines, and Network Security Controls. Alternative
            presentation formats may be used and provided, such as
            PDF/A, Office Open XML, or HTML, but in the event of any
            inconsistency in presentation, the documents as committed to
            the official Git repository shall be authoritative.<br>
            <br>
            At the time of this ballot, the Git repository may be
            browsed at <a href="https://github.com/cabforum/servercert"
              target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert</a> and
            cloned via <a
              href="https://github.com/cabforum/servercert.git"
              target="_blank" moz-do-not-send="true">https://github.com/cabforum/servercert.git</a><br>
            <br>
            – MOTION ENDS –<br>
            <br>
            This ballot proposes three Final Maintenance Guidelines.<br>
            <br>
            The procedure for approval of this ballot is as follows:<br>
            <br>
            Discussion (7+ days)<br>
            <br>
            Start Time: 2021-02-08 16:00:00 UTC<br>
            End Time: 2021-02-17 22:30:00 UTC<br>
            <br>
            Vote for approval (7 days)<br>
            <br>
            Start Time: 2021-02-17 22:30:00 UTC<br>
            End Time: 2021-02-24 22:30:00 UTC</div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
Servercert-wg mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Servercert-wg@cabforum.org">Servercert-wg@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/servercert-wg">https://lists.cabforum.org/mailman/listinfo/servercert-wg</a>
</pre>
    </blockquote>
  </body>
</html>