[cabfpub] Pre-Ballot 123 - Revalidation of Information

Ben Wilson ben at digicert.com
Thu May 22 20:00:16 UTC 2014

Thanks, Joanna.   While I haven't had time yet to complete all of the
minutes from the last telephone call, here is what Ryan Sleevi said about
Ballot 123, so I'm not sure whether this should be moved out to comment and
vote as an official ballot yet:  


Ryan S:  The initial validation of information begins a process.   The
information in a certificate is presented as still valid.  If you take six
months to gather the information, and then you issue the certificate, things
may have changed.  (E.g. your first step was validation of domain control,
but then you take six months to complete issuance.) There has been talk that
the upper bound of the lifetime of the certificate should be limited to the
oldest piece of information.   However, some CAs want it to be the newest
piece of information (i.e. upon certificate issuance), so that issue has not
been resolved.



As a side note, I looked up Section 7.1, which repeatedly states that the
representations are made, "as of the date the EV Certificate was issued," so
it appears that CAs are already required to ensure the currency of certain
information upon certificate issuance.  


Ballot 123 allows reuse only if the information was fresh (within 30 days)
upon certificate issuance-"provided that the information obtained for
issuance of that EV Certificate was within thirty (30) days of that
Certificate issuance".  


It appears to me that Section 7.1 and proposed Ballot 123 adequately address
time frames, but if we want to make more explicit what is otherwise implied
about information used for initial issuance, I suppose we could take
suggestions.  Otherwise, it seems that we should address re-use for
re-issuance  first, because specific time limits / warranty modifications
for initial issuance can be addressed more clearly in a separate ballot.  







From: Joanna Fox [mailto:jweber at godaddy.com] 
Sent: Thursday, May 22, 2014 10:00 AM
To: ben at digicert.com; public at cabforum.org
Subject: RE: [cabfpub] Pre-Ballot 123 - Revalidation of Information


Apologies for the delayed response, I would be willing to endorse.




From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Ben Wilson
Sent: Wednesday, May 14, 2014 9:59 AM
To: public at cabforum.org
Subject: Re: [cabfpub] Pre-Ballot 123 - Revalidation of Information


Because we reviewed this ballot already on the last call, I'd like to move
it forward today into review-and-comment period.  

Motion was made by Cecilia and endorsed by Jeremy and WHOM?

Who else is willing to endorse?




From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Ben Wilson
Sent: Tuesday, May 13, 2014 3:26 PM
To: public at cabforum.org
Subject: [cabfpub] Pre-Ballot 123 - Revalidation of Information



Here is the current draft of Ballot 123 - Revalidation of Information.  As
discussed during our call on May 1st, the primary purpose of this ballot is
to clarify when the 13 months in the current section 11.13.1 begin to run.
As part of the ballot, sections 11.13.1 and 11.13.3 trade places, section
11.13.2 is moved to the first paragraph of 13.1.1, and 11.13.4 changes to

I think this ballot was proposed by Cecilia and Jeremy, but I don't recall
the other endorser. 

Please take a look at this and provide any additional comments.




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140522/c13025df/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5453 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140522/c13025df/attachment-0001.p7s>

More information about the Public mailing list