<div dir="ltr"><span id="m_-4013803945524920516gmail-docs-internal-guid-0cd3da55-7fff-70f0-f5b7-bea053a66cb8"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">Hi Adriano,</span></p><br><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">Thank you for your review of the </span><a href="https://github.com/ryancdickson/staging/pull/8" style="text-decoration-line:none" target="_blank"><span style="font-family:Arial,sans-serif;color:rgb(74,110,224);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;text-decoration-line:underline;vertical-align:baseline">latest</span></a><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline"> proposal to incorporate "Multi-Perspective Issuance Corroboration" ("MPIC") requirements into the TLS Baseline Requirements.</span></p><br><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">Responses to your comments are inline below.</span></p><br><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote"><span 
style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">1) I cannot seem to find an explicit requirement that a CA uses at least two (2) Remote Network Perspectives. That can be inferred from the Quorum Requirements table in 3.2.2.9, sure, but it would probably be better (IMO) if it was explicit.</span></blockquote><br><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">The "Quorum Requirements" table describes the maximum number of allowed "non-corroborations" given the number of distinct remote network perspectives used for an MPIC attempt. The end of 3.2.2.9 presents the "Phased Implementation Timeline," which describes implementation milestones that strengthen over time. 
Over the proposed implementation timeline, quorum requirements increase from undefined (during the period where CAs SHOULD be implementing MPIC but are not otherwise required) to 5+ (beginning in December 2026).</span></p><br><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">I've noticed some of my formatted emails aren't preserved well on the Mail archive (</span><a href="https://archive.cabforum.org/pipermail/servercert-wg/2023-July/003825.html" style="text-decoration-line:none" target="_blank"><span style="font-family:Arial,sans-serif;color:rgb(74,110,224);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;text-decoration-line:underline;vertical-align:baseline">example</span></a><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">), so I've also described this implementation in </span><a href="https://github.com/ryancdickson/staging/pull/8/files#r1368708684" style="text-decoration-line:none" target="_blank"><span style="font-family:Arial,sans-serif;color:rgb(74,110,224);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;text-decoration-line:underline;vertical-align:baseline">a GitHub comment</span></a><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">. 
I also made some </span><a href="https://github.com/ryancdickson/staging/commit/d40f1614978f74fd84a198175640bd2f4008106b" style="text-decoration-line:none" target="_blank"><span style="font-family:Arial,sans-serif;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;text-decoration-line:underline;vertical-align:baseline">edits</span></a><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline"> to the proposed language in hopes of making this more clear.</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline"> </span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">Does this address your concern? If not, suggested edits directly on GitHub are welcome.</span></p><br><br><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">2) The current proposed language has it that Remote Network Perspectives must be "distinct from the Primary Network Perspective" (meaning they must be at least 500km away from it), but it doesn't say that they must also be "distinct" from each other! 
Although this is intuitable, IMO it would be better to clarify.</span></blockquote><br><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">Added in this </span><a href="https://github.com/ryancdickson/staging/commit/fa0bb58b405a3745874e757f072789f369087c60" style="text-decoration-line:none" target="_blank"><span style="font-family:Arial,sans-serif;color:rgb(74,110,224);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;text-decoration-line:underline;vertical-align:baseline">update</span></a><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">. </span><span style="color:rgb(14,16,26);font-family:Arial,sans-serif">Does this address your concern? 
If not, suggested edits directly on GitHub are welcome.</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="color:rgb(14,16,26);font-family:Arial,sans-serif"><br></span></p><br><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">If I can make anything more clear, please let me know.</span></p><br><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">Thanks again for your review and comments,</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-family:Arial,sans-serif;color:rgb(14,16,26);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;vertical-align:baseline">Ryan</span></p></span><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Oct 23, 2023 at 4:58 AM Adriano Santoni via Validation <<a href="mailto:validation@cabforum.org" target="_blank">validation@cabforum.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u>
<div>
<p><font face="Calibri">All,</font></p>
<p><font face="Calibri">I have a couple of doubts after reading [1]:</font></p>
<p><font face="Calibri">1) I cannot seem to find an explicit
requirement that a CA uses at least two (2) Remote Network
Perspectives. That can be inferred from the Quorum Requirements
table in 3.2.2.9, sure, but it would probably be better (IMO) if
it was explicit.<br>
</font></p>
<p><font face="Calibri">2) The current proposed language has it that
Remote Network Perspectives must be "distinct from the Primary
Network Perspective" (meaning they must be at least 500km away
from it), but it doesn't say that they must also be "distinct"
from each other! Although this is intuitable, IMO it would be
better to clarify.</font></p>
<p><font face="Calibri">[1]
<a href="https://github.com/ryancdickson/staging/blob/require-mpdv-v2/docs/BR.md#3229-multi-perspective-issuance-corroboration" target="_blank">https://github.com/ryancdickson/staging/blob/require-mpdv-v2/docs/BR.md#3229-multi-perspective-issuance-corroboration</a></font></p>
<p><font face="Calibri">Adriano</font></p>
<br>
</div>
</blockquote></div>