[cabfpub] Ballot 131 - Update to Verified Method of Communication
Eddy Nigg
eddy_nigg at startcom.org
Wed Sep 3 09:26:58 UTC 2014
StartCom votes YES.
On 08/22/2014 07:51 PM, Jeremy Rowley wrote:
>
> Hi everyone,
>
> The following is a revised ballot for verifying a method of
> communication from the EV working group. The changes in this ballot
> incorporate the comments provide during the face-to-face and on the
> mailing list.
>
> Jeremy
>
> ------------------
>
> Ballot 131 - Update to Verified Method of Communication
>
> The EV Guidelines Working Group has revisited Section 11.4 of the EV
> Guidelines (Applicant's Physical Existence) and has decided that it is
> best to split it into two separate sections. Section 11.4.1 would
> remain as is for "Address of Applicant's Place of Business." Section
> 11.4.2 would be moved to its own section--a new 11.5, and all
> subsequent section numbers in 11 would be renumbered accordingly. The
> new Section 11.5 will focus on a verified means for communicating with
> the organization to be named as the subject in the certificate (to
> verify the authority of EV roles and ensure that it was appropriately
> aware of the certificate request).
>
> Cecilia Kam of Symantec made the following motion, and Rich Smith from
> Comodo and Jeremy Rowley from DigiCert have endorsed it.
>
> Motion Begins
>
> In the Guidelines for the Issuance and Management of Extended
> Validation Certificates:
>
> 1. DELETE Section 11.4.2 (Telephone Number for Applicant's Place of
> Business)
>
> 2. INSERT a new definition - "Verified Method of Communication" - in
> Section 4 as follows:
>
> Verified Method of Communication: The use of a telephone number, a fax
> number, an email address, or a postal delivery address, confirmed by
> the CA in accordance with Section 11.5 of the Guidelines as a reliable
> way of communicating with the Applicant.
>
> 3. In Section 11.11.1, renumber the existing subsection (3) as
> subsection (4) and INSERT a new subsection (3) as follows:
>
> "(3) Verify a reliable means of communication with the entity to be
> named as the Subject in the Certificate;"
>
> 4. RENUMBER sections 11.5 through 11.13 by increasing them each by .1
> and UPDATE all cross-references in the EV Guidelines.
>
> 5. INSERT a new Section 11.5 titled, "Verified Method of
> Communication" as follows:
>
> 11.5 Verified Method of Communication
>
> 11.5.1 Verification Requirements
>
> To assist in communicating with the Applicant and confirming that the
> Applicant is aware of and approves issuance, the CA MUST verify a
> telephone number, fax number, email address, or postal delivery
> address as a Verified Method of Communication with the Applicant.
>
> 11.5.2 Acceptable Methods of Verification
>
> To verify a Verified Method of Communication with the Applicant, the
> CA MUST:
>
> (A) Verify that the Verified Method of Communication belongs to the
> Applicant, or a Parent/Subsidiary or Affiliate of the Applicant, by
> matching it with one of the Applicant's Parent/Subsidiary or
> Affiliate's Places of Business in: (i) records provided by the
> applicable phone company; (ii) a QGIS, QTIS, or QIIS; or (iii) a
> Verified Legal Opinion or Verified Accountant Letter; and
>
> (B) Confirm the Verified Method of Communication by using it to obtain
> an affirmative response sufficient to enable a reasonable person to
> conclude that the Applicant, or a Parent/Subsidiary or Affiliate of
> Applicant, can be contacted reliably by using the Verified Method of
> Communication.
>
> 6. Amend newly renumbered subsection 11.11.4(1)(A)(i) as follows: "A
> position within the Applicant's organization that qualifies as a
> Confirming Person (e.g., Secretary, President, CEO, CFO, COO, CIO,
> CSO, Director, etc.) and is identified by name and title in a current
> QGIS, QIIS, QTIS, Verified Legal Opinion, Verified Accountant Letter,
> or by contacting the Applicant's using a Verified Method of
> Communication; or"
>
> 7. REPLACE newly renumbered subsection 11.14.1(1) (D) with "(D)
> Verified Method of Communication -- thirteen months "
>
> 8. REPLACE newly renumbered subsection 11.14.3(1)(C) with "The
> Verified Method of Communication required by Section 11.4.2 but still
> MUST perform the verification required by Section 11.4.2(2)(B);"
>
> 9. REPLACE newly renumbered subsection 11.8.2(2)(A) with "The Verified
> Method of Communication"
>
> 10. REPLACE newly renumbered subsection 11.9.2(1) with "The Verified
> Method of Communication"
>
> 11. REPLACE newly renumbered subsection 11.10.2 (1) with "The Verified
> Method of Communication"
>
> Motion Ends
>
> The review period for this ballot shall commence at 2200 UTC on
> Friday, 22 August 2014, and will close at 2200 UTC on Friday, 29
> August 2014. Unless the motion is withdrawn during the review period,
> the voting period will start immediately thereafter and will close at
> 2200 UTC on Friday, 5 September 2014. Votes must be cast by posting an
> on-list reply to this thread.
>
> A vote in favor of the motion must indicate a clear 'yes' in the
> response. A vote against must indicate a clear 'no' in the response. A
> vote to abstain must indicate a clear 'abstain' in the response.
> Unclear responses will not be counted. The latest vote received from
> any representative of a voting member before the close of the voting
> period will be counted. Voting members are listed here:
> https://cabforum.org/members/
>
> In order for the motion to be adopted, two thirds or more of the votes
> cast by members in the CA category and greater than 50% of the votes
> cast by members in the browser category must be in favor. Also, at
> least seven members must participate in the ballot, either by voting
> in favor, voting against, or abstaining.
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140903/17b58f44/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4553 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140903/17b58f44/attachment-0001.p7s>
More information about the Public
mailing list