[cabfpub] Draft ballot to accelerate the max cert lifetime timetable

Gervase Markham gerv at mozilla.org
Wed Nov 20 02:45:59 MST 2013


Here is a draft ballot implementing my suggestion for an accelerated
timetable for the reduction in certificate lifetimes. Note that it
retains 39 months as the maximum lifetime rather than attempting a move
to 36 months. The new date remains at 1st January 2014 because it
matches well with 1st January 2017 and the new 3-year lifetime.

Please say if you would like to endorse this ballot.

Note that this is a draft ballot; please don't issue it as an actual
ballot until I say so. And please comment if the wording does not match
the intent.


Ballot 111 – Accelerate Max Certificate Lifetime Reduction Timetable

Gervase Markham (Mozilla) made the following motion, endorsed by X from
Y and Z from Q:

--- Motion begins ---

The CAB Forum wishes to take advantage of the /de facto/ deprecation of
the near-ubiquitous SHA-1 has algorithm in the Web PKI on 1st January
2017 by accelerating its planned move to shorter maximum certificate
lifetimes, in order to attain more agile certificate ecosystem.

Therefore, effective immediately, the Baseline Requirements are altered
as follows:

Update section 9.4.1 to change both occurrences of "1st April 2015" to
"1st January 2014".

Update the Relevant Compliance Dates table on page ii to change
2015-04-01 to 2014-01-01 in the appropriate line.

... Motion ends ...

The ballot review period comes into effect immediately upon posting
today (XXXX) and will close at 2200 UTC on XXXX.  Unless the ballot is
withdrawn or modified during the review period, the voting period will
start immediately thereafter and will close at 2200 UTC on XXXX.  If the
ballot is modified for reasons other than to correct minor typographical
errors, then the ballot will be deemed to have been withdrawn.

Votes must be cast by posting an on-list reply to this thread.

A vote in favor of the ballot must indicate a clear 'yes' in the response.

A vote against the ballot must indicate a clear 'no' in the response. A
vote to abstain must indicate a clear 'abstain' in the response. Unclear
responses will not be counted. The latest vote received from any
representative of a voting member before the close of the voting period
will be counted.

Voting members are listed here: http://www.cabforum.org/forum.html

In order for the motion to be adopted, two thirds or more of the votes
cast by members in the CA category and more than one half of the votes
cast by members in the browser category must be in favor. Also, quorum
is currently set at XXXX members-- at least XXXX members must participate
in the ballot, either by voting in favor, voting against, or by
abstaining for the vote to be valid.


Gerv


More information about the Public mailing list