[cabfpub] Ballots 141 and 142

Richard Wang richard at wosign.com
Thu Jan 15 02:00:57 UTC 2015

WoSign  votes “yes” on both Ballot 141 and Ballot 142



Best Regards,




From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com
Sent: Thursday, January 15, 2015 8:00 AM
To: CABFPub (public at cabforum.org)
Subject: [cabfpub] Ballots 141 and 142


Trend Micro votes “yes” on both Ballot 141 and Ballot 142.


I want to recap the history of these ballots.  I actually started the effort to delete the insurance requirements in the EV Guidelines in Ballot 121 last April, but it failed.  The insurance issue came up again later in 2014.  Ben Wilson did excellent research and proposed a new, more relevant set of insurance requirements for EV certs in Ballot 133, but that ballot also failed.


At that point, I talked to a number of other CAs, and it seemed to me that we should again try to delete the current EV insurance requirements (because most people believe they are not particularly useful as applied to CAs and their work in issuing certs), but that it would be more responsible to combine that step with the addition of a new financial responsibility requirement – namely, that CAs take on some financial responsibility for the DV and OV certs they issue (not just for EV certs, like we have today in EVGL Section 18 – that sets a minimum CA liability of $2,000 per subscriber or relying party per EV cert).  


I would also like to follow up with discussion of minimum capital requirements for CAs, another step to establish financial responsibility for CAs in favor of their customers and the public who rely on certs.  Maybe we should look one more time at insurance as well, and try to follow the insurance requirements of some countries for qualified certificates.


I think certs and encryption will become even more important for internet security in the next few years, and so I think CAs should take additional steps to stand behind their products .  This will be good for CAs as a whole, and good for the internet as well.


Kirk R. Hall

Operations Director, Trust Services

Trend Micro



The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150115/de7f5d27/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5075 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150115/de7f5d27/attachment-0001.p7s>

More information about the Public mailing list