<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<br>
<br>
<div class="moz-cite-prefix">On 1/12/2023 7:27 μ.μ., Aaron Gable
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAEmnErdspAwCX=ox+TRBGqvwoq_2Zk5EWL9hnhQccwNjk1CgTA@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">It's also worth noting that the Baseline
Requirements also diverge from RFC 3647 in this way: for
example, Section 1.5 of RFC 3647 is concerned with the contact
information of the group <i>administering the CP/CPS</i>, while
Section 1.5(.2) of the BRs is concerned with contact information
of the group <i>operating the CA</i>. </div>
</blockquote>
<br>
The group <i>administrering </i>the CP/CPS can be included in
section "1.5.2 Contact person" along with what the BRs need for the
group <i>operating </i>the CA. One does not prohibit the other.<br>
<br>
<br>
<blockquote type="cite"
cite="mid:CAEmnErdspAwCX=ox+TRBGqvwoq_2Zk5EWL9hnhQccwNjk1CgTA@mail.gmail.com">
<div dir="ltr">So trying to cleave too closely to the bulleted
descriptions inside RFC 3647 is unhelpful, imo.</div>
</blockquote>
<br>
I believe CAs are obligated by policy to include all bulleted
section of section 6 of RFC 3647 (plus <a
href="https://www.rfc-editor.org/errata/rfc3647">errata</a>).<br>
<br>
<blockquote type="cite"
cite="mid:CAEmnErdspAwCX=ox+TRBGqvwoq_2Zk5EWL9hnhQccwNjk1CgTA@mail.gmail.com">
<div dir="ltr">
<div><br>
</div>
<div>For whatever it's worth, I think that Section 11 of the
current EVGs could be renumbered wholesale to become Section
3.2, retaining its subsections as-is, with few or no issues.</div>
</div>
</blockquote>
<br>
IMO ... as long as it doesn't conflict with sections/subsections of
the outline of RFC 3647.<br>
<br>
Dimitris.<br>
<br>
<br>
<blockquote type="cite"
cite="mid:CAEmnErdspAwCX=ox+TRBGqvwoq_2Zk5EWL9hnhQccwNjk1CgTA@mail.gmail.com">
<div dir="ltr">
<div><br>
</div>
<div>Aaron</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Fri, Dec 1, 2023 at 8:51 AM
Tim Hollebeek via Servercert-wg <<a
href="mailto:servercert-wg@cabforum.org"
moz-do-not-send="true" class="moz-txt-link-freetext">servercert-wg@cabforum.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div class="msg5766168836313912132">
<div style="overflow-wrap: break-word;" lang="EN-US">
<div class="m_5766168836313912132WordSection1"><o:p
class="MsoNormal">This is unfortunately wrong. There
are lots of misconceptions about RFC 3647
“compliance”.<o:u><o:u></o:u></o:u></o:p>
<p class="MsoNormal"> </p>
<o:p class="MsoNormal">The first point is that RFC 3647
is an INFORMATIONAL RFC. You can see this right at
the top, where it says “Category: Informational”.
This means that it contains no requirements and it’s
impossible to be out of compliance with it. This is
why I put quotes around “compliance”. Any requirements
around it need to come from elsewhere, for example, a
root program requirement that requires a particular
document to be in RFC 3647 format. But that’s vague
and informal, because 3647 doesn’t have requirements,
it just has an outline and suggested contents. It’s
not 100% precise what “MUST be in RFC 3647 format”
means, and we need to just acknowledge that
(specifying it precisely would be a colossal waste of
time).<o:u><o:u></o:u></o:u></o:p>
<p class="MsoNormal"> </p>
<o:p class="MsoNormal">So what does “RFC 3647 format”
mean? RFC 3647’s outline only covers the first two
levels. So “Section 3.2: Initial Identity Validation”
is a RFC 3647 section header, and most reasonable
interpretations of “RFC 3647 format” would require it
to exist with that or a substantially similar name and
contents.<o:u><o:u></o:u></o:u></o:p>
<p class="MsoNormal"> </p>
<o:p class="MsoNormal">Section 3.2.1, on the other hand,
is not an RFC 3647 section. It’s common to have a
third level of headers that mirror the “bullet points”
in the suggested content for the section, but those
are just unordered bullet lists in RFC 3647. Claiming
that section 3.2.1 of a document in RFC 3647 must
describe private key protection goes beyond what RFC
3647 says. Section 3.2 just “contains the following
elements”, so private key protection is just one of
several topics that one might discuss in section 3.2.
It could be section 3.2.1, but it could be elsewhere
in 3.2, and it’s perfectly fine for 3.2.1 to not
exist, have different content, etc.<o:u><o:u></o:u></o:u></o:p>
<p class="MsoNormal"> </p>
<o:p class="MsoNormal">Figuring out where section 11.1
goes is not trivial, but at first glance, section 3.2
is not an unreasonable choice, and I can understand
why Inigo made it. And there isn’t a compliance
reason why it can’t be section 3.2.1, if that’s what
we want.<o:u><o:u></o:u></o:u></o:p>
<p class="MsoNormal"> </p>
<o:p class="MsoNormal">Of course, we could convert the
recommended bulleted sections to a numbered list of
subsections (we often do elsewhere), in which case
section 3.2.1 could be “Private Key Protection” with
contents “No Stipulation”. If we do that, I suggest
we follow the rest of the bullets as well.<o:u><o:u></o:u></o:u></o:p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Either way works.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">-Tim</p>
<p class="MsoNormal"> </p>
<div
style="border-top:none;border-right:none;border-bottom:none;border-left:1.5pt solid blue;padding:0in 0in 0in 4pt">
<div>
<div
style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b>From:</b> Dimitris
Zacharopoulos <<a
href="mailto:dzacharo@harica.gr"
moz-do-not-send="true"
class="moz-txt-link-freetext">dzacharo@harica.gr</a>>
<br>
<b>Sent:</b> Friday, December 1, 2023 10:48 AM<br>
<b>To:</b> Inigo Barreira <<a
href="mailto:Inigo.Barreira@sectigo.com"
moz-do-not-send="true"
class="moz-txt-link-freetext">Inigo.Barreira@sectigo.com</a>><br>
<b>Cc:</b> Tim Hollebeek <<a
href="mailto:tim.hollebeek@digicert.com"
moz-do-not-send="true"
class="moz-txt-link-freetext">tim.hollebeek@digicert.com</a>>;
CA/B Forum Server Certificate WG Public
Discussion List <<a
href="mailto:servercert-wg@cabforum.org"
moz-do-not-send="true"
class="moz-txt-link-freetext">servercert-wg@cabforum.org</a>><br>
<b>Subject:</b> Re: [Servercert-wg] SC-065:
Convert EVGs into RFC 3647 format pre-ballot</p>
</div>
</div>
<p class="MsoNormal"> </p>
<div>
<p class="MsoNormal"><span
style="font-family:Arial,sans-serif">We MUST
comply with RFC 3647 which means that we must
include sections that are listed in the outline
of 3647, and if we have nothing to say, we leave
it empty. We can't "hijack" the numbering just
because we have no requirements to describe. <br>
<br>
That's my interpretation of the RFC 3647
compliance. Perhaps others can chime in and
state their opinion. <br>
<br>
<br>
Thanks, </span></p>
</div>
<div>
<p><span style="font-family:Arial,sans-serif">DZ.</span></p>
</div>
<div>
<div>
<p><span style="font-family:Arial,sans-serif">Dec
1, 2023 14:50:23 Inigo Barreira <<a
href="mailto:Inigo.Barreira@sectigo.com"
moz-do-not-send="true"
class="moz-txt-link-freetext">Inigo.Barreira@sectigo.com</a>>:</span></p>
</div>
<blockquote
style="border-top:none;border-right:none;border-bottom:none;border-left:2.25pt solid rgb(204,204,204);padding:0in 0in 0in 8pt;margin-left:0in;margin-right:0in">
<p class="MsoNormal"><span lang="ES">Thanks
Dimitris.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">I think
that strictly speaking, in RFC 3647 this
section is the 4.3.2 Initial Identity
Validation and the first bullet is about
proving the possession of the private key, but
there´s no specific section other than the
general approach that we´ve implemented.</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">That said,
the current EVG does not include anything
about the possession of the private key
because that´s covered in the TLS BRs so that
section does not exist in the EVGs and
therefore I didn´t know how to avoid/implement
it.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">I decided
to continue with the normal numbering for an
easy checking, so all 11 section is moved into
section 3.2 and the rest of the sub-numbers do
not change (so 11.1 would be 3.2.1, 11.1.1
would be 3.2.1.1, etc.)</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">I
understand your point but I think we can´t
create a section 3.2.1 for private key
possession because there´s no such a text in
the EVGs (and don´t think we should add
anything new, even a NA for that) and don´t
know which other sections we can create under
3.2 that can break the current equivalence,
which again was done for an easy comparison. </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">So, what
would you suggest to “comply” with that? I
don´t have a clear idea.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">Regards</span><span
lang="ES"></span></p>
<div>
<div
style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b><span lang="ES">De:</span></b><span
lang="ES"> Dimitris Zacharopoulos (HARICA)
<<a href="mailto:dzacharo@harica.gr"
moz-do-not-send="true"
class="moz-txt-link-freetext">dzacharo@harica.gr</a>>
<br>
<b>Enviado el:</b> jueves, 30 de noviembre
de 2023 13:16<br>
<b>Para:</b> Inigo Barreira <<a
href="mailto:Inigo.Barreira@sectigo.com"
moz-do-not-send="true"
class="moz-txt-link-freetext">Inigo.Barreira@sectigo.com</a>>;
Tim Hollebeek <<a
href="mailto:tim.hollebeek@digicert.com"
moz-do-not-send="true"
class="moz-txt-link-freetext">tim.hollebeek@digicert.com</a>>;
CA/B Forum Server Certificate WG Public
Discussion List <<a
href="mailto:servercert-wg@cabforum.org"
moz-do-not-send="true"
class="moz-txt-link-freetext">servercert-wg@cabforum.org</a>><br>
<b>Asunto:</b> Re: [Servercert-wg] SC-065:
Convert EVGs into RFC 3647 format
pre-ballot</span><span lang="ES"></span></p>
</div>
</div>
<div style="border:1pt solid black;padding:2pt">
<p class="MsoNormal"
style="line-height:12pt;background:rgb(250,250,3)"><span
style="font-size:10pt;color:black" lang="ES">CAUTION:
This email originated from outside of the
organization. Do not click links or open
attachments unless you recognize the sender
and know the content is safe.</span><span
lang="ES"></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12pt"><span
lang="ES">Inigo,<br>
<br>
As I am working to migrate the EV Guidelines
into the EV Code Signing Baseline
Requirements I took a look at the mapping
you provided for the EV Guidelines and
noticed that you are proposing migration of
EVG section 11.1 into section 3.2.1. This
particular section is labeled "Method to
prove possession of private key" in RFC 3647
so I don't think it is appropriate. I think
it's best to create new subsections under
3.2.<br>
<br>
Thanks,<br>
Dimitris.</span></p>
<div>
<p class="MsoNormal"><span lang="ES">On
8/9/2023 7:54 μ.μ., Inigo Barreira wrote:</span></p>
</div>
<blockquote
style="margin-top:5pt;margin-bottom:5pt">
<p class="MsoNormal"><span lang="ES">Hi all, </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="ES"> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">Attached
you´ll find the EVG v1.8.0 with comments
in all sections indicating where those
sections, and the content, have been moved
into the new EVG RFC3647 format. So, with
this document, plus the redlined version,
I hope you can have now a clearer view of
the changes done.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">Let me
know if you need anything else to clarify
the new version.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">Regards</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<div>
<div
style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b><span lang="ES">De:</span></b><span
lang="ES"> Inigo Barreira <a
href="mailto:Inigo.Barreira@sectigo.com" moz-do-not-send="true"><Inigo.Barreira@sectigo.com></a>
<br>
<b>Enviado el:</b> martes, 29 de
agosto de 2023 17:06<br>
<b>Para:</b> Tim Hollebeek <a
href="mailto:tim.hollebeek@digicert.com" moz-do-not-send="true"><tim.hollebeek@digicert.com></a>;
Dimitris Zacharopoulos (HARICA) <a
href="mailto:dzacharo@harica.gr"
moz-do-not-send="true"><dzacharo@harica.gr></a>;
CA/B Forum Server Certificate WG
Public Discussion List <a
href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true"><servercert-wg@cabforum.org></a><br>
<b>Asunto:</b> RE: [Servercert-wg]
SC-065: Convert EVGs into RFC 3647
format pre-ballot</span></p>
</div>
</div>
<p class="MsoNormal"><span lang="ES"> </span></p>
<p class="MsoNormal"><span lang="EN-GB">Thanks
Dimitris and Tim.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">I did
something of that internally but didn´t
reflect on the document, so will try to
reproduce to have it clearer.</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">OTOH,
and as indicated in the PR, the whole
section 11 has been placed in section 3.2
keeping the rest of the numbering. So, for
example:</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">EVG
EVG3647</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.1
3.2.1</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.1.1
3.2.1.1</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.1.2
3.2.1.2</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.1.3
3.2.1.3</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.2
3.2.2</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.2.1
3.2.2.1</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">…..
…. </span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.13
3.2.13</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.14
3.2.14</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.14.1
3.2.14.1</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.14.2
3.2.14.2</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">11.14.3
3.2.14.3</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">Hope
this can clarify the main difficult that I
found in the document, where to place it
and how.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">Regards</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<div>
<div
style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b><span lang="EN-GB">De:</span></b><span
lang="EN-GB"> Tim Hollebeek <<a
href="mailto:tim.hollebeek@digicert.com" moz-do-not-send="true"
class="moz-txt-link-freetext">tim.hollebeek@digicert.com</a>>
<br>
<b>Enviado el:</b> martes, 29 de
agosto de 2023 16:59<br>
<b>Para:</b> Dimitris Zacharopoulos
(HARICA) <<a
href="mailto:dzacharo@harica.gr"
moz-do-not-send="true"
class="moz-txt-link-freetext">dzacharo@harica.gr</a>>;
Inigo Barreira <<a
href="mailto:Inigo.Barreira@sectigo.com" moz-do-not-send="true"
class="moz-txt-link-freetext">Inigo.Barreira@sectigo.com</a>>;
CA/B Forum Server Certificate WG
Public Discussion List <<a
href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true"
class="moz-txt-link-freetext">servercert-wg@cabforum.org</a>><br>
<b>Asunto:</b> RE: [Servercert-wg]
SC-065: Convert EVGs into RFC 3647
format pre-ballot</span><span
lang="ES"></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<div
style="border:1pt solid black;padding:2pt">
<p class="MsoNormal"
style="line-height:12pt;background:rgb(250,250,3)"><span
style="font-size:10pt;color:black">CAUTION:
This email originated from outside of
the organization. Do not click links or
open attachments unless you recognize
the sender and know the content is safe.</span><span
lang="ES"></span></p>
</div>
<p class="MsoNormal"><span
style="font-size:12pt;font-family:"Times New Roman",serif"> </span><span
lang="ES"></span></p>
<div>
<p class="MsoNormal"><span>Yes, exactly. I
would like to see a list that shows that
EVG-classic section 1.4 is now in
EVG-3647 section 4.1. Then I can look
at where the new text landed, see how
the conversion was handled, we can all
verify that nothing was lost or left
out, etc.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>Without that,
anyone attempting to review the document
is forced to recreate the mapping just
to figure out where everything went and
that nothing was missed or put in the
wrong place. Redlines are not
sufficient when large amounts of text
are moving around to different places.</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>I’m saying this
because from my spot-checking, the
conversion appears to be pretty good,
and I’d like to be able to do a final
verification that it’s mostly correct so
I can endorse.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>-Tim</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<div
style="border-top:none;border-right:none;border-bottom:none;border-left:1.5pt solid blue;padding:0in 0in 0in 4pt">
<div>
<div
style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b><span>From:</span></b><span>
Dimitris Zacharopoulos (HARICA)
<</span><span lang="ES"><a
href="mailto:dzacharo@harica.gr"
moz-do-not-send="true"><span
lang="EN-US">dzacharo@harica.gr</span></a></span><span>>
<br>
<b>Sent:</b> Tuesday, August 29,
2023 7:58 AM<br>
<b>To:</b> Inigo Barreira <</span><span
lang="ES"><a
href="mailto:Inigo.Barreira@sectigo.com" moz-do-not-send="true"><span
lang="EN-US">Inigo.Barreira@sectigo.com</span></a></span><span>>;
CA/B Forum Server Certificate WG
Public Discussion List <</span><span
lang="ES"><a
href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true"><span
lang="EN-US">servercert-wg@cabforum.org</span></a></span><span>>;
Tim Hollebeek <</span><span
lang="ES"><a
href="mailto:tim.hollebeek@digicert.com" moz-do-not-send="true"><span
lang="EN-US">tim.hollebeek@digicert.com</span></a></span><span>><br>
<b>Subject:</b> Re:
[Servercert-wg] SC-065: Convert
EVGs into RFC 3647 format
pre-ballot</span><span lang="ES"></span></p>
</div>
</div>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"
style="margin-bottom:12pt"><span>Hi
Inigo,<br>
<br>
You can take some guidance from
previous successful efforts to convert
existing documents into RFC 3647
format. The latest attempt was in the
Code Signing BRs conversion in May
2022. Check out the mapping document
and the comments in the </span><span
lang="ES"><a
href="https://lists.cabforum.org/pipermail/cscwg-public/2022-May/000795.html"
moz-do-not-send="true"><span
lang="EN-US">ballot discussion
period</span></a></span><span>.<br>
<br>
For each existing section/paragraph,
it would be nice to have a comment
describing where that existing
language will land in the converted
document (destination). This will
allow all existing text to be
accounted for.<br>
<br>
During this process, you might
encounter duplicate or redundant text
which needs to be flagged accordingly.
You might also get into some
uncertainty as to which RFC3647
section is a best fit for existing
text that might require additional
discussion. <br>
<br>
I hope this helps.<br>
<br>
<br>
Dimitris.</span><span lang="ES"></span></p>
<div>
<p class="MsoNormal"><span>On 29/8/2023
12:42 μ.μ., Inigo Barreira via
Servercert-wg wrote:</span><span
lang="ES"></span></p>
</div>
<blockquote
style="margin-top:5pt;margin-bottom:5pt">
<p class="MsoNormal"><span lang="EN-GB">Hi
Tim,</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">See
attached redlined and current
versions. I just used what Martijn
suggested yesterday but let me know
if this is what you were looking
for.</span><span lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB">Regards</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><span
lang="ES"></span></p>
<div>
<div
style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b><span>De:</span></b><span>
Tim Hollebeek </span><span
lang="ES"><a
href="mailto:tim.hollebeek@digicert.com" moz-do-not-send="true"><span
lang="EN-US"><tim.hollebeek@digicert.com></span></a></span><span>
<br>
<b>Enviado el:</b> lunes, 28 de
agosto de 2023 19:49<br>
<b>Para:</b> Inigo Barreira </span><span
lang="ES"><a
href="mailto:Inigo.Barreira@sectigo.com" moz-do-not-send="true"><span
lang="EN-US"><Inigo.Barreira@sectigo.com></span></a></span><span>;
CA/B Forum Server Certificate WG
Public Discussion List </span><span
lang="ES"><a
href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true"><span
lang="EN-US"><servercert-wg@cabforum.org></span></a></span><span><br>
<b>Asunto:</b> RE: SC-065:
Convert EVGs into RFC 3647
format pre-ballot</span><span
lang="ES"></span></p>
</div>
</div>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<div
style="border:1pt solid black;padding:2pt">
<p class="MsoNormal"
style="line-height:12pt;background:rgb(250,250,3)"><span
style="font-size:10pt;color:black">CAUTION:
This email originated from outside
of the organization. Do not click
links or open attachments unless
you recognize the sender and know
the content is safe.</span><span
lang="ES"></span></p>
</div>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<div>
<p class="MsoNormal"><span>Thanks for
doing this Inigo … I know
re-organizations like this are a
lot of work and fall very much in
the category of “important but not
fun”. So thanks for taking an
initial stab at this.</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>Is there a
mapping that shows where all the
original text ended up? I think
that’s going to be essential for
people to be able to review this.
I did some spot checking, and your
conversion looks pretty good, but
I wasn’t able to do a more
detailed review without a mapping.</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>-Tim</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<div
style="border-top:none;border-right:none;border-bottom:none;border-left:1.5pt solid blue;padding:0in 0in 0in 4pt">
<div>
<div
style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b><span>From:</span></b><span>
Servercert-wg <</span><span
lang="ES"><a
href="mailto:servercert-wg-bounces@cabforum.org" moz-do-not-send="true"><span
lang="EN-US">servercert-wg-bounces@cabforum.org</span></a></span><span>>
<b>On Behalf Of </b>Inigo
Barreira via Servercert-wg<br>
<b>Sent:</b> Monday, August
28, 2023 5:20 AM<br>
<b>To:</b> CA/B Forum Server
Certificate WG Public
Discussion List <</span><span
lang="ES"><a
href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true"><span
lang="EN-US">servercert-wg@cabforum.org</span></a></span><span>><br>
<b>Subject:</b>
[Servercert-wg] SC-065:
Convert EVGs into RFC 3647
format pre-ballot</span><span
lang="ES"></span></p>
</div>
</div>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>Hello,</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>The
current Extended Validation
Guidelines (EVGs) are written in
a non-standardized format. For
many years it has been discussed
to convert this document into
the RFC 3647 format and follow
the standardized model for this
type of documents. </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>Given
that this has been known for
several years, I have prepared
the following ballot text, which
converts the EVGs into the RFC
3647 format:</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span lang="ES"><a
href="https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/pull/440___.YXAzOmRpZ2ljZXJ0OmE6bzoyOGIxNWVhZGVmZDlkZTM0NjQzZTA3YTlmYTA2MzM5YTo2OmExZWM6NGZmMGEzM2U0ZWZjOTU4MTM1NWRkNjU3ZDE5YjU3Y2YxNzg1NWU0ZTVjYzkzY2NjM2M0MWU5MzEyYzJmZTQ0NzpoOkY"
title="Protected by Avanan: https://github.com/cabforum/servercert/pull/440"
moz-do-not-send="true"><span
lang="EN-GB">EVGs based on
RFC3647 by barrini · Pull
Request #440 ·
cabforum/servercert
(github.com)</span></a></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>I am
currently seeking two endorsers
as well as any feedback on the
ballot content itself (wording,
effective dates, etc.).</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
<p class="MsoNormal"><span>Thanks,</span><span
lang="ES"></span></p>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
</div>
</div>
<p class="MsoNormal"
style="margin-bottom:12pt"><span> </span><span
lang="ES"></span></p>
<pre><span>_______________________________________________</span><span
lang="ES"></span></pre>
<pre><span>Servercert-wg mailing list</span><span
lang="ES"></span></pre>
<pre><span lang="ES"><a
href="mailto:Servercert-wg@cabforum.org"
moz-do-not-send="true"><span
lang="EN-US">Servercert-wg@cabforum.org</span></a></span></pre>
<pre><span lang="ES"><a
href="https://lists.cabforum.org/mailman/listinfo/servercert-wg"
moz-do-not-send="true"><span
lang="EN-US">https://lists.cabforum.org/mailman/listinfo/servercert-wg</span></a></span></pre>
</blockquote>
<p class="MsoNormal"><span> </span><span
lang="ES"></span></p>
</div>
</div>
</blockquote>
</div>
</blockquote>
</div>
</div>
</div>
</div>
_______________________________________________<br>
Servercert-wg mailing list<br>
<a href="mailto:Servercert-wg@cabforum.org"
moz-do-not-send="true" class="moz-txt-link-freetext">Servercert-wg@cabforum.org</a><br>
<a
href="https://lists.cabforum.org/mailman/listinfo/servercert-wg"
rel="noreferrer" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.cabforum.org/mailman/listinfo/servercert-wg</a><br>
</div>
</blockquote>
</div>
</blockquote>
<br>
</body>
</html>