<div dir="ltr">Aaron - <div>Can I suggest that maybe the comparison should be done in a case blind fashion?<div>For example, requiring the headers for the subsections of 1.3 to have the second word lower case when it is common practice to refer to Certification Authorities as CAs and Registration Authorities as RAs, etc. just makes the document inconsistent. I understand the goal is to try to make comparisons easier, but requiring all Public Trusted CAs have these style inconsistencies in their own documentation seems like a step too far.</div><div><br></div><div>thanks,<br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><p class="MsoNormal"><span style="font-family:"Segoe Script",sans-serif">Wendy</span></p><p class="MsoNormal"><br></p><p class="MsoNormal">Wendy Brown</p>

<p class="MsoNormal">Supporting GSA</p><p class="MsoNormal">FPKIMA Technical Liaison</p>

<p class="MsoNormal">Protiviti Government
Services</p>

<span style="font-size:11.0pt;font-family:"Calibri",sans-serif">703-965-2990 (cell)</span><br></div></div></div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, May 8, 2024 at 6:06 PM Aaron Gable via Servercert-wg <<a href="mailto:servercert-wg@cabforum.org">servercert-wg@cabforum.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Of course! Done: <a href="https://github.com/cabforum/servercert/issues/513" target="_blank">https://github.com/cabforum/servercert/issues/513</a></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, May 8, 2024 at 8:37 AM Dimitris Zacharopoulos (HARICA) <<a href="mailto:dzacharo@harica.gr" target="_blank">dzacharo@harica.gr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u>

  
    
  
  <div>
    Thanks Aaron,<br>
    <br>
    Would it be ok for you to create a <a href="https://github.com/cabforum/servercert/issues" target="_blank">GitHub issue</a>
    to identify the specific sections that deviate in content? We might
    tackle that in a cleanup ballot. I don't think the capitalization is
    so much of a concern but if others think it is, please speak up :) <br>
    <br>
    <br>
    Dimitris.<br>
    <br>
    <div>On 8/5/2024 1:19 π.μ., Aaron Gable
      wrote:<br>
    </div>
    <blockquote type="cite">
      
      <div dir="ltr">
        <div>Two notes on this ballot, findings from our process for
          handling upcoming requirements:</div>
        <div><br>
        </div>
        <div>1) Let's Encrypt has <a href="https://github.com/letsencrypt/cp-cps/tree/d5b258a/tools/lint" target="_blank">created and open-sourced a tool</a>
          for linting a CPS to confirm compliance with RFC 3647 Section
          6 and Ballot SC-074. If you maintain your CPS document in
          markdown, it should be very simple to use or adapt to your
          particular situation.</div>
        <div><br>
        </div>
        <div>2) The Baseline Requirements themselves do not quite comply
          with RFC 3647 Section 6, with several section titles that
          deviate from that outline in either capitalization or actual
          content.</div>
        <div><br>
        </div>
        <div>We hope this information is helpful to others,</div>
        <div>Aaron</div>
        <div><br>
        </div>
        <div class="gmail_quote">
          <div dir="ltr" class="gmail_attr">On Thu, Apr 25, 2024 at
            9:27 AM Dimitris Zacharopoulos (HARICA) via Servercert-wg
            <<a href="mailto:servercert-wg@cabforum.org" target="_blank">servercert-wg@cabforum.org</a>>
            wrote:<br>
          </div>
          <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
            <div> <br>
              <h1 id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-page-title">SC-74 -
                Clarify CP/CPS structure according to RFC 3647</h1>
              <h2 id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-summary">Summary</h2>
              <p id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-the-tls-baseline-req">The
                TLS Baseline Requirements require in section 2.2 that:</p>
              <p id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-%22the-certificate-pol"><em>"The
                  Certificate Policy and/or Certification Practice
                  Statement MUST be structured in accordance with RFC
                  3647 and MUST include all material required by RFC
                  3647."</em></p>
              <p id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-the-intent-of-this-l">The
                intent of this language was to ensure that all CAs' CP
                and/or CPS documents contain a similar structure, making
                it easier to review and compare against the BRs.
                However, there was some ambiguity as to the actual
                structure that CAs should follow. After several
                discussions in the <a href="https://lists.cabforum.org/pipermail/servercert-wg/2023-November/004070.html" target="_blank">SCWG Public Mailing List</a>
                and F2F meetings, it was agreed that more clarity should
                be added to the existing requirement, pointing to the
                outline described in section 6 of RFC 3647.</p>
              <u></u>The
                following motion has been proposed by Dimitris
                Zacharopoulos (HARICA) and endorsed by Aaron Poulsen
                (Amazon) and Tim Hollebeek (Digicert). <u></u><u></u><u></u>
              <p id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-you-can-view-and-com">You
                can view the github pull request representing this
                ballot <a href="https://github.com/cabforum/servercert/pull/503" target="_blank">here</a>. <br>
              </p>
              <h2 id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-motion-begins">Motion
                Begins</h2>
              <p id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-modify-the-%22baseline">MODIFY
                the "Baseline Requirements for the Issuance and
                Management of Publicly-Trusted TLS Server Certificates"
                based on Version 2.0.4 as specified in the following
                redline:<br>
              </p>
              <ul id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-https%3A%2F%2Fgithub.com%2Fc">
                <li><a href="https://github.com/cabforum/servercert/compare/c4a34fe2292022e0a04ba66b5a85df75907ac2a2...f6a90e2a652fbb7a2d62a976b70f4af3adce8dae" target="_blank">https://github.com/cabforum/servercert/compare/c4a34fe2292022e0a04ba66b5a85df75907ac2a2...f6a90e2a652fbb7a2d62a976b70f4af3adce8dae</a>
                  <br>
                </li>
              </ul>
              <h2 id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-motion-ends">Motion
                Ends</h2>
              <p id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-this-ballot-proposes">This
                ballot proposes a Final Maintenance Guideline. The
                procedure for approval of this ballot is as follows:</p>
              <h4 id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-discussion-%2811%2B-days">Discussion (at
                least 7 days)</h4>
              <ul id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-start-time%3A-2024-01-">
                <li>Start time: 2024-04-25 16:30:00 UTC</li>
                <li>End time: on or after 2024-05-02 16:30:00 UTC</li>
              </ul>
              <h4 id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-vote-for-approval-%287">Vote
                for approval (7 days)</h4>
              <ul id="m_-6450730596943934832m_-335726473920697852m_-8449533255907748392bkmrk-start-time%3A-tbd-end-">
                <li>Start time: TBD</li>
                <li>End time: TBD</li>
              </ul>
              <br>
            </div>
            _______________________________________________<br>
            Servercert-wg mailing list<br>
            <a href="mailto:Servercert-wg@cabforum.org" target="_blank">Servercert-wg@cabforum.org</a><br>
            <a href="https://lists.cabforum.org/mailman/listinfo/servercert-wg" rel="noreferrer" target="_blank">https://lists.cabforum.org/mailman/listinfo/servercert-wg</a><br>
          </blockquote>
        </div>
      </div>
    </blockquote>
    <br>
  </div>

</blockquote></div>
_______________________________________________<br>
Servercert-wg mailing list<br>
<a href="mailto:Servercert-wg@cabforum.org" target="_blank">Servercert-wg@cabforum.org</a><br>
<a href="https://lists.cabforum.org/mailman/listinfo/servercert-wg" rel="noreferrer" target="_blank">https://lists.cabforum.org/mailman/listinfo/servercert-wg</a><br>
</blockquote></div>