[Cscwg-public] Voting Results: Ballot CSC-14 - Convert Code Signing Baseline Requirements to RFC 3647 Framework

Wed May 25 14:05:01 UTC 2022

Voting has closed on CSCWG-14 and the ballot has passed.

Voting Results
Certificate Issuers
10 votes total, with 1 abstention:

  *   9 Yes votes: Actalis, Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, HARICA, SSL.com, SecureTrust
  *   0 No votes
  *   1 Abstention: Sectigo

Certificate Consumers
1 vote total, with no abstentions

  *   1 Yes vote: Microsoft
  *   0 No votes
  *   0 Abstentions

Bylaw Requirements
1.     Bylaw 2.3(f) requires:
*      A "yes" vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of Certificate Consumer votes. Votes to abstain are not counted for this purpose.
This requirement was MET for Certificate Issuers and MET for Certificate Consumers.
*      At least one Certificate Issuer and one Certificate Consumer Member must vote in favor of a ballot for the ballot to be adopted.
This requirement was MET.
2.    Bylaw 2.3(g) requires that a ballot result only be considered valid when “more than half of the number of currently active Members has participated”. Votes to abstain are counted in determining quorum. Half of the currently active members at the start of voting was 4, so the quorum was 5 for this ballot.
This requirement was MET.

This ballot now enters the IP Rights Review Period to permit members to review the ballot for relevant IP rights issues.

Bruce.

From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Corey Bonnell via Cscwg-public
Sent: Tuesday, May 17, 2022 1:30 PM
To: cscwg-public at cabforum.org
Subject: [EXTERNAL] [Cscwg-public] Voting period begins: Ballot CSC-14 - Convert Code Signing Baseline Requirements to RFC 3647 Framework

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.
________________________________
Convert Code Signing Baseline Requirements to RFC 3647 Framework

Purpose of this ballot:
RFC 3647 defines a standard framework for outlining the obligations of participants in a PKI. Following the recommended framework as specified in RFC 3647 allows for easier comparison of “The Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates” with other policy documents, most notably work products of other CA/Browser Forum working groups and individual Certification Authority Certificate Policies and Certification Practice Statements. This ballot restates all existing obligations and requirements that are contained in The Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates” in the outline recommended by RFC 3647.

The following motion has been proposed by Corey Bonnell of DigiCert and endorsed by Ian McMillan of Microsoft and Dimitris Zacharopoulos of HARICA.

MOTION BEGINS
This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates” version 2.8 by replacing the entirely of the content of the document with the attached document.
MOTION ENDS
The procedure for approval of this ballot is as follows:
Discussion (7 days)
Start Time: 2022-05-10 16:45 UTC
End Time: 2022-05-17 17:30 UTC

Vote for approval (7 days)
Start Time: 2022-05-17 17:30 UTC
End Time: 2022-05-24 17:30 UTC

Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220525/9accc272/attachment.html>