[Cscwg-public] [EXTERNAL] Re: CSWG Cleanup and Clarification Ballot

Bruce Morton Bruce.Morton at entrust.com
Fri Jun 4 13:51:39 UTC 2021

Hi Dimitris,

Comments below.


From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Dimitris Zacharopoulos (HARICA) via Cscwg-public
Sent: Friday, June 4, 2021 1:47 AM
To: cscwg-public at cabforum.org
Subject: [EXTERNAL] Re: [Cscwg-public] CSWG Cleanup and Clarification Ballot

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.

On 2/6/2021 10:05 μ.μ., Bruce Morton via Cscwg-public wrote:
Here is a draft markup of the cleanup and clarification ballot. We can discuss briefly in our call tomorrow. I am proposing that we have an in-depth discussion (~1 hour) at the virtual F2F meeting. Hopefully we can closed this draft at that time and allow us to move forward with the changes. I will also be looking for endorsers, so I can assign this ballot a number.

If you have comments, please feel free to respond.

Hi Bruce,

As we discussed on our regular teleconference yesterday, I have two requests:

  1.  In section 11.1.2, please update the text to "Qualified Certificates for electronic signatures issued pursuant to....". I realized that there are lots of types of "Qualified Certificates" but we're looking at eSignature Certificates for Natural Persons. In addition, I noticed that the term "personal Certificate" in the same paragraph, is not properly defined and is kind of ambiguous. We might want to clarify that this the CA expects a Certificate where the Subject information identifies a Natural Person. In case we are willing to accept Qualified Certificates for electronic seals, which are issued to Legal Entities, the group should discuss and decide. For now, allowing only eSignature Certificates is the safest approach. [BM – Done]
  2.  In section 13.2.2 please remove the additional text regarding Certificate suspension. We can address that in a separate ballot. [BM – Done]
During your review, you had a comment for section 9.3.3 indicating that "This section may conflict with Appendix A. The requirement should be stated in one place. A reference may also be required". Indeed, we have similar language in Appendix A. Do you plan to address this comment in this ballot? I think it fits the "cleanup and clarification" nature. [BM – I tried to make this simple by stating “Refer to certificate policy identification requirements in Section 9.3.3.” Does that work or should we make more edits?]

Finally, I want to highlight that although this ballot is labeled "cleanup and clarification", it does change some normative requirements so CAs should pay attention and read this ballot carefully for possible areas of concern. [BM – Can you itemize the items which you think CAs should be concerned? If we think something is significant, we could put in an effectivity date for those items.]

Best regards,

Thanks, Bruce.


Cscwg-public mailing list

Cscwg-public at cabforum.org<mailto:Cscwg-public at cabforum.org>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210604/2a29d6b4/attachment.html>

More information about the Cscwg-public mailing list