[Infrastructure] Questions from working through the BRs

Wayne Thayer wthayer at mozilla.com
Wed Apr 24 14:31:37 MST 2019 

On Wed, Apr 24, 2019 at 1:52 PM Tim Hollebeek <tim.hollebeek at digicert.com>
wrote:

> Inline.
>
>
>
> *From:* Infrastructure <infrastructure-bounces at cabforum.org> *On Behalf
> Of *Jos Purvis (jopurvis)
> *Sent:* Wednesday, April 24, 2019 1:47 PM
> *To:* infrastructure at cabforum.org
> *Subject:* [Infrastructure] Questions from working through the BRs
>
>
>
> Forgot to raise these earlier, but I ran across some questions as I hacked
> my way through the BR content. I thought I’d raise them here to start, and
> then can raise() any that aren’t handled at this level to the SCWG for
> discussion.
>
>
>
>    1. In 1.6.1, under ‘Definitions’, we define ‘Effective Date’ as just
>    ‘1 July 2012’. No context or anything else, just the date. Was that meant
>    to be an example of an effective date, or the date the BRs became
>    effective, or…?
>
>
>
> Effective Date of the BRs.
>
>
>
>    1. The BRs seem to be now the exclusive ‘property’ of the SCWG, which
>    then focuses them on TLS Client/Server certificates, with S/MIME and email
>    certificates handed off to the nascent S/MIME WG. With that in mind, do we
>    still need section 3.2.3 (“Authentication of Individual Identity”)?
>
>
>
> Individually validated TLS server certificates are still a thing.
>
>
>
>    1. Not quite a question, but I think we should either remove all of
>    the “No stipulations” or add them in everywhere—it looks kind of weird to
>    have them in some places and not in others.
>
>
>
> IIRC “No stipulations” was explicitly added to sections that were
> discussed by the previously existing Policy Working Group.  Sections that
> are still blank are blank because there wasn’t consensus that they should
> be blank.
>
>
>
>    1. Should we prune section 6.1.5 to remove all of the key sizes that
>    are now no longer usable, like MD5 and RSA-1024?
>
>
>
> If people want, it can be handled in the spring cleanup ballot, which
> should be out for discussion soon (I’m waiting for Wayne’s Bylaw ballot to
> make ballots easier).
>
>
>

Working on it :-)


>    1. Can we re-word the list in section 8.2 to make it more
>    grammatically agreeable? :)
>    2. It looks like sections 3.2.2.5.5 to 7 could use some re-wording to
>    make them full sentences and turn them into requirements (they read like
>    descriptions). Would that be a ballot for those changes, or simply a
>    proposed wording change on the SCWG?
>
>
Those sections were modeled after 3.2.2.4, so I suspect there are more
sections that could be improved. Given the importance of these sections,
I'd like to see even minor clarifications go through the ballot process.


>
> Cheers,
>
>
>
> Jos
>
>
>
>
>
> --
> Jos Purvis (jopurvis at cisco.com)
> .:|:.:|:. cisco systems  | Cryptographic Services
> PGP: 0xFD802FEE07D19105  | +1 919.991.9114 (desk)
>
>
> _______________________________________________
> Infrastructure mailing list
> Infrastructure at cabforum.org
> http://cabforum.org/mailman/listinfo/infrastructure
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/infrastructure/attachments/20190424/d23e5a49/attachment.html>

More information about the Infrastructure mailing list