<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
GoDaddy votes yes to ballot SC-073</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Best,</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Brittany</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Servercert-wg <servercert-wg-bounces@cabforum.org> on behalf of Wayne Thayer via Servercert-wg <servercert-wg@cabforum.org><br>
<b>Sent:</b> Thursday, April 25, 2024 5:00 PM<br>
<b>To:</b> CA/B Forum Server Certificate WG Public Discussion List <servercert-wg@cabforum.org><br>
<b>Subject:</b> [Servercert-wg] Voting Period Begins - Ballot SC-073: Compromised and Weak Keys</font>
<div> </div>
</div>
<div>
<div style="background-color:#f2dede; padding-left:.5cm; border-left-width:5px; border-left-style:solid; border-left-color:#b94a48">
<span style="font-size:11pt; line-height:16pt; font-family:Tahoma,Verdana,Segoe,sans-serif; color:#b94a48">Caution:</span>
<span style="font-size:11pt; line-height:16pt; font-family:Tahoma,Verdana,Segoe,sans-serif; color:#b94a48">
This email is from an external sender. Please do not click links or open attachments unless you recognize the sender and know the content is safe. Forward suspicious emails to isitbad@.</span></div>
<p> </p>
<div>
<div dir="ltr">
<div dir="ltr">
<p dir="ltr" id="x_m_3076436754704620828gmail-docs-internal-guid-03c99b0b-7fff-1c11-84e1-099f15f7f345" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:700; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">Purpose of Ballot SC-073</span></p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">This ballot proposes updates
 to the Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates related to weak and compromised private keys. These changes lie primarily in Section
<a href="http://6.1.1.3/" originalsrc="http://6.1.1.3/" shash="PlAD0zwXAZDuKVGhVGxHdQWOHj9sq1A8W6s8AGzRJ+Qoa3cd/bbcz6UGER25dvPz/xrtxczwweFbQTTOQ8XVft4unHKAED0PD94GUvk0rTutUd8fxERI0GL6qwY7R1765y/M70U+bBEPvMrPghtVrXV9pY5ZGR7H4dl3fGnIABc=" target="_blank">
6.1.1.3</a>:</span></p>
<ul style="margin-top:0px; margin-bottom:0px">
<li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:12pt; margin-bottom:0pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">6.1.1.3(4) clarifies that,
 for the purpose of this requirement, CAs shall be made aware of compromised keys using their existing notification mechanism(s).</span></p>
</li><li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">6.1.1.3(5) improves guidance
 for CAs around the detection of weak keys. Should this ballot pass, these changes become effective on November 15, 2024.</span></p>
</li></ul>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:12pt; margin-bottom:12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">Notes:</span></p>
<ul style="margin-top:0px; margin-bottom:0px">
<li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:12pt; margin-bottom:0pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">This ballot builds on the
 extensive work done by SSL.com in creating ballot SC-59v2 Weak Key Guidance. SSL.com’s contributions are appreciated.</span></p>
</li><li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">Thanks to Rob Stradling
 of Sectigo for the generation and publication of the set of Debian weak keys referenced in this ballot.</span></p>
</li><li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">The Debian weak keys requirements
 have been discussed extensively, including in the following threads: </span><a href="https://lists.cabforum.org/pipermail/servercert-wg/2024-March/004291.html" originalsrc="https://lists.cabforum.org/pipermail/servercert-wg/2024-March/004291.html" shash="YTTn+3IsEL+pJ7WW/20Kem3NdxKcAXUlWQceI0gZGasZeERiFuGpOCZi3VYqEcV65wPQWqQxlXox+O02kHH+owxjb1LFrdPQet5+0/Lu7J/cwFoId1rtvhiRqthp4tL7O2hmA595lWnruM0jNhaAz37GkW1PeT8AYHEn9LDLh1M=" target="_blank" style="text-decoration:none"><span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(17,85,204); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:underline; vertical-align:baseline; white-space:pre-wrap">https://lists.cabforum.org/pipermail/servercert-wg/2024-March/004291.html</span></a><span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
 and </span><a href="https://lists.cabforum.org/pipermail/servercert-wg/2024-April/004422.html" originalsrc="https://lists.cabforum.org/pipermail/servercert-wg/2024-April/004422.html" shash="YaiJBunaIF2ga7YeEIcgIri/nKn57INVKIGbff9fWBF0rfSXjgd5m2aIgszi5XxQxRfCqil6XP2+xuYIDv5oaLwEON1apy85vE9k4nYTEn0rbisjbCZzJuMos+BcCTAepbd8tWYCTjyZ8P2Nh+TS2VIxHskKyyKEwAmrVAQ6vfY=" target="_blank" style="text-decoration:none"><span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(17,85,204); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:underline; vertical-align:baseline; white-space:pre-wrap">https://lists.cabforum.org/pipermail/servercert-wg/2024-April/004422.html</span></a><span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap"> </span></p>
</li><li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">This ballot does not appear
 to conflict with any other ballots that are currently under discussion.</span></p>
</li></ul>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:12pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<br>
</p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">The following motion has
 been proposed by Wayne Thayer of Fastly, and endorsed by Brittany Randall of GoDaddy and Bruce Morton of Entrust.</span></p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:700; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">— Motion Begins —</span></p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">This ballot modifies the
 “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” (“Baseline Requirements”), based on Version 2.0.3.</span></p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">MODIFY the Baseline Requirements
 for the Issuance and Management of Publicly-Trusted TLS Server Certificates as specified in the following Redline:</span></p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">Here is a link to the immutable
 GitHub redline: </span><a href="https://github.com/cabforum/servercert/compare/a65402cff89affe1fc0a1f0e49807c7e42e1608a...bee10c8e4a56815bffd59fab12cbd4044baa7cc0" originalsrc="https://github.com/cabforum/servercert/compare/a65402cff89affe1fc0a1f0e49807c7e42e1608a...bee10c8e4a56815bffd59fab12cbd4044baa7cc0" shash="hB2tRE3jy0VRR7gr36Z+IWvQuAt8kD9Uyi3ekB5e5wbfHJnL3HQuePp9tFCdlKQ7OUIqSuS43awduqXXeE7b3+bAkfcG9ekFtW6ZwSEn+SeZNHn032gtTDAC/NOwqeTyPmTX/44A8PoCbk58ClE0E8jZqTl3DQzTkPiDZOjZR2g=" target="_blank" style="text-decoration:none"><span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(17,85,204); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:underline; vertical-align:baseline; white-space:pre-wrap">https://github.com/cabforum/servercert/compare/a65402cff89affe1fc0a1f0e49807c7e42e1608a...bee10c8e4a56815bffd59fab12cbd4044baa7cc0</span></a><span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap"> </span></p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:700; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">— Motion Ends —</span></p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">This ballot proposes a Final
 Maintenance Guideline. The procedure for approval of this ballot is as follows:</span></p>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:0pt; margin-bottom:12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:700; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">Discussion (7+ days)</span></p>
<ul style="margin-top:0px; margin-bottom:0px">
<li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:12pt; margin-bottom:0pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">Start time: 2024-04-18 00:00:00
 UTC</span></p>
</li><li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:12pt; margin-bottom:0pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">End time: 2024-04-26 00:00:00
 UTC</span></p>
</li></ul>
<p dir="ltr" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:12pt; margin-bottom:12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:700; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">Vote for approval (7 days)</span></p>
<ul style="margin-top:0px; margin-bottom:0px">
<li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<p dir="ltr" role="presentation" style="line-height:1.38; background-color:rgb(255,255,255); margin-top:12pt; margin-bottom:0pt; padding:0pt 0pt 12pt">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">Start time: </span><span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">2024-04-26
 00:00:00 UTC</span></p>
</li><li dir="ltr" style="list-style-type:disc; font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">
<span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">End time:
</span><span style="font-size:11pt; font-family:Arial,sans-serif; color:rgb(0,0,0); background-color:transparent; font-weight:400; font-style:normal; font-variant:normal; text-decoration:none; vertical-align:baseline; white-space:pre-wrap">2024-05-03 00:00:00
 UTC</span></li></ul>
</div>
</div>
</div>
</div>
</body>
</html>