[cabf_netsec] Voting Period Begins | Ballot NS-003: Restructure the NCSSRs

Tugba ÖZCAN (BILGEM KSM) tugba.ozcan at tubitak.gov.tr
Wed Apr 24 11:25:30 UTC 2024 

Kamu SM votes "Yes" on Ballot NS-003 



Tuğba ÖZCAN 

Head Of e_signature Technologies Department 



TÜBİTAK/BİLGEM/Kamu SM 

Çamlıca Mahallesi 408. Cadde No: 136 

C Blok 5. Kat Yenimahalle/Ankara 

Dahili:8543 




tugba.ozcan at tubitak.gov.tr 


Kimden: "Clint Wilson via Netsec" <netsec at cabforum.org> 
Kime: "NetSec CA/BF" <netsec at cabforum.org> 
Gönderilenler: 23 Nisan Salı 2024 18:59:16 
Konu: [cabf_netsec] Voting Period Begins | Ballot NS-003: Restructure the NCSSRs 

Ballot NS-003 is proposed by Clint Wilson of Apple and endorsed by Trevoli Ponds-White of Amazon and David Kluge of Google Trust Services. 

Purpose of Ballot 

This ballot proposes a comprehensive restructuring of the Network and Certificate System Security Requirements (NCSSRs), excepting Section 4. The current structure of the document has proven to be challenging for creating ballots, contains duplicated requirements, and separates similar requirements across the document. These issues have led to inefficiencies in managing and implementing security standards. Therefore, this proposal aims to streamline the document's structure, eliminate redundancies, improve comprehensibility, and enhance clarity and coherence. 

Reasons for Proposal: 



    * Complexity in Ballot Creation : The current document structure can make it difficult to create and manage ballots efficiently, leading to somewhat awkward updating processes, abandoned ballots, and a lack of confidence that ballots effect the intended changes. 
    * Redundancy : Over time, some parts of the NCSSRs have touched on the same topic, leading to some duplication across the document and further to confusion and inconsistency in implementation. 
    * Fragmentation : Similar requirements for different parts of a CA’s NCSSR-relevant infrastructure are scattered throughout the document, making it somewhat more difficult for to locate and comprehend a complete picture of these requirements effectively. 
    * Minor Issues : The document contains other, more minor issues that also impede its usability and effectiveness, such as missing definitions, unclear list structures, and requirements that are more optional than they may currently appear. 

Benefits of the Updated Document Structure: 



    * Enhanced Clarity : The revised structure should improve the clarity and coherence of the document, making the requirements it represents easier to understand, as well as result in greater consistency when implementing or assessing its security requirements. 
    * Future Updates : A more granular document structure should improve the process of creating and managing ballots in the future. Similarly, the improved proximity of related requirements should hopefully aid in identifying the areas the NCSSRs can most benefit from further attention. 
    * Grouping and De-duplication of Similar Requirements : By consolidating duplicated requirements, the updated document should make it much easier to find, comprehend, assess, and implement related requirements. 
    * Clearer Recommendations : The updated document includes a number of additional “SHOULD”-type stipulations, clarifying some of the language in the current NCSSRs such that it’s easier to identify where the NCSSRs impose a strict requirement as opposed to a strong recommendation. 

Overall, this ballot proposal seeks to address existing challenges in updating the current version of the NCSSRs and pave the way for future improvements to the NCSSRs. 

MOTION BEGINS 

This ballot modifies the “Network and Certificate System Security Requirements” as follows, based on version 1.7: 

[ https://github.com/cabforum/netsec/compare/c62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e | https://github.com/cabforum/netsec/compare/c62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e ] 

MOTION ENDS 

The procedure for approval of this ballot is as follows: 

Discussion Period (14+ days) 

Start Time: 2024-April-09 16:00 UTC 
End Time: 2024-April-23 15:59 UTC 

Voting Period (7 days) 

Start Time: 2024-April-23 16:00 UTC 
End Time: 2024-April-30 16:00 UTC 

_______________________________________________ 
Netsec mailing list 
Netsec at cabforum.org 
https://lists.cabforum.org/mailman/listinfo/netsec 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/netsec/attachments/20240424/6d81dbd4/attachment.html>

More information about the Netsec mailing list