[cabfpub] Ballot 133 - Insurance Requirements for EV Issuers

Eddy Nigg eddy_nigg at startcom.org
Mon Oct 20 16:21:27 UTC 2014

StartCom votes YES

On 10/08/2014 07:08 PM, Ben Wilson wrote:
> *Ballot 133 - Insurance Requirements for EV Issuers*
> The following motion has been proposed by Ben Wilson of Digicert and 
> endorsed by Atilla Biler of Turktrust and Dean Coclin of Symantec.**
> *Purpose *
> The purpose of this ballot is to simplify the insurance requirements 
> in section 8.4 of the EV Guidelines by replacing commercial general 
> liability in (A) with an ordinary property casualty insurance 
> requirement and to simplify third party liability coverage in (B) and 
> reduce the required amount of that coverage down to $3 million. This 
> should make it easier for CAs to obtain insurance required by the EV 
> Guidelines.
> *-- MOTION BEGINS -- *
> 1. Amend the second paragraph of Section 8.1 as follows:
> If a court or government body with jurisdiction over the activities 
> covered by these Guidelines determines that the performance of any 
> mandatory requirement is illegal _or would conflict with local law_, 
> then such requirement is considered reformed to the minimum extent 
> necessary to make the requirement valid and legal. This applies only 
> to operations, orcertificate issuances, _or insurance 
> requirements___that are subject to the laws of that jurisdiction. The 
> parties involved SHALL notify the CA / Browser Forum of the facts, 
> circumstances, and law(s) involved, so that the CA/Browser Forum may 
> revise these Guidelines accordingly.
> 2. Amend Section 8.4 as follows:
> *8.4.  Insurance *
> Each CA SHALL maintain the following insurance related to their _its 
> _respective performance and obligations under these Guidelines:
> _(A) Property insurance for casualty/perils of fire, water, electrical 
> failure, and natural disaster in sufficient amount to cover damage or 
> loss to physical assets used to issue and maintain EV 
> Certificates_,Commercial General Liability insurance (occurrence form) 
> with policy limits of at least two million US dollars in coverage; and
> (B) Professional Liability, Errors and Omissions insurance, with 
> policy limits of at least five _three _million US dollars in 
> coverage_, per claim and in the aggregate_, and including coverage for 
> (i) claims for _direct _damages arising out of an _negligent_ act, 
> error, or omission, unintentional breach of contract, or neglect in 
> issuing or maintaining EV Certificates, and (ii) claims for damages 
> arising out of infringement of the proprietary rights of any third 
> party (excluding copyright, and trademark infringement), and invasion 
> of privacy and advertising injury.
> _(1)_ Such insurance_MUST NOT exclude coverage when providing 
> cryptographic, digital signature, or public key infrastructure services; _
> _and_
> _(2) Such insurance _must:
> _(i) be maintained for all periods during which an EV Certificate 
> issued by the CA is still valid (and if coverage is canceled or not 
> renewed, the CA shall purchase an extended reporting period for such 
> periods);_
> _(ii) include coverage for those territories where the CA provides EV 
> Certificates; and_
> _(iii)_ be with a company rated _good or better by Standard & Poor's, 
> A.M._ no less than A- as to Policy Holder's Rating in the current 
> edition of Best's Insurance Guide_, Fitch, Moody's, DBRS, Japan Credit 
> Rating Agency, Creditreform, Scope Ratings, or another similarly 
> recognized insurance rating agency _(or with an association of 
> companies each of the members of which are so rated).
> _If available at reasonable cost, a CA SHOULD maintain coverage for 
> damage or loss to data, software, systems, and for business 
> interruption due to IT security failure, malware, network attack, 
> criminal hacker, or theft. _
> A CA MAY self-insure for liabilities that arise from such party's 
> performance and obligations under these Guidelines provided that it 
> has at least five hundred million US dollars in liquid _current 
> _assets based on audited financial statements in the past twelve 
> months, and a quick ratio (ratio of liquid _current_ assets to current 
> liabilities) of not less than 1.0.
> *-- MOTION ENDS -- *
> The review period for this ballot shall commence at 2200 UTC on 
> Wednesday, 8 October 2014, and will close at 2200 UTC on Wednesday, 15 
> October 2014. Unless the motion is withdrawn during the review period, 
> the voting period will start immediately thereafter and will close at 
> 2200 UTC on Wednesday, 22 October 2014. Votes must be cast by posting 
> an on-list reply to this thread.
> A vote in favor of the motion must indicate a clear 'yes' in the 
> response. A vote against must indicate a clear 'no' in the response. A 
> vote to abstain must indicate a clear 'abstain' in the response. 
> Unclear responses will not be counted. The latest vote received from 
> any representative of a voting member before the close of the voting 
> period will be counted. Voting members are listed here: 
> https://cabforum.org/members/
> In order for the motion to be adopted, two thirds or more of the votes 
> cast by members in the CA category and greater than 50% of the votes 
> cast by members in the browser category must be in favor. Quorum is 
> currently nine (9) members-- at least nine members must participate in 
> the ballot, either by voting in favor, voting against, or abstaining.
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141020/b469b63e/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141020/b469b63e/attachment-0001.p7s>

More information about the Public mailing list