[cabfpub] Voting has started for Ballot 149

陳立群 realsky at cht.com.tw
Thu Jul 9 06:38:05 MST 2015


Chunghwa Telecom Co., Ltd.  votes ※Yes§ 

 

ㄗAs I have not yet received our vote after 6 hours, I resend it.ㄘ

 

Sincerely Yours,

 

                    Li-Chun CHEN

                    Engineer

                    CISSP, CISA, CISM, PMP,

                    Information & Communication Security Dept.

                    Data Communication Business Group

                    Chunghwa Telecom Co. Ltd.

                    realsky at cht.com.tw

                    +886-2-2344-4820#4025

 

 

 

 

From: 蠊堙瓮 [mailto:realsky at cht.com.tw] 
Sent: Thursday, July 09, 2015 3:45 PM
To: 'public at cabforum.org'
Subject: RE: [cabfpub] Voting has started for Ballot 149

 

Chunghwa Telecom Co., Ltd.  votes ※Yes§ 

 

Sincerely Yours,

 

                    Li-Chun CHEN

                    Engineer

                    CISSP, CISA, CISM, PMP,

                    Information & Communication Security Dept.

                    Data Communication Business Group

                    Chunghwa Telecom Co. Ltd.

                    realsky at cht.com.tw

                    +886-2-2344-4820#4025

 

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Kirk Hall (RD-US)
Sent: Friday, July 03, 2015 9:11 AM
To: Sigbj帚rn Vik; public at cabforum.org
Subject: [cabfpub] Final editorial revision to Ballot 149 - voting begins
UTC 18:00 today

 

Good idea, Siggy.  Because this is editorial only, I'm changing the FINAL
ballot to reflect these changes (only requiring audits and websites using
the CA's certificates from CA applicants).

 

So the FINAL ballot (July 3, 2015) reads as below, and attached.  VOTING
BEGINS AT 18:00 UTC TODAY (two hours from now).

 

 

Kirk Hall of Trend Micro made the following motion and Jody Cloutier of
Microsoft, Wayne Thayer of GoDaddy, and Dean Coclin of Symantec endorsed it:

 

Ballot 149:  Revisions to Forum Membership Bylaw 2.1 (July 3, 2015)

 

2.1  Qualifying for Forum Membership

 

(a) CA/Browser Forum members shall meet at least one of the following
criteria.

 

(1) Issuing CA: The member organization operates a certification authority
that has a current and successful WebTrust for CAs audit, or ETSI 102042 or
ETSI 101456 audit report, prepared by a properly-qualified auditor, and
that actively issues certificates to Web servers that are openly accessible
from the Internet using any one of the mainstream browsers a browser
created by a Browser member.  Applicants that are not actively issuing
certificates but otherwise meet membership criteria may be granted
Associate Member status under Bylaw Sec. 3.1 for a period of time to be
designated by the Forum.  

 

(2) Root CA: The member organization operates a certification authority
that has a current and successful WebTrust for CAs audit, or ETSI 102042 or
ETSI 101456 audit report, prepared by a properly-qualified auditor, and
that actively issues certificates to subordinate CAs that, in turn,
actively issue certificates to Web servers that are openly accessible from
the Internet using any one of the mainstream browsers a browser created by
a Browser member.  Applicants that are not actively issuing certificates
but otherwise meet membership criteria may be granted Associate Member
status under Bylaw Sec. 3.1 for a period of time to be designated by the
Forum. 

 

(3) Browser: The member organization produces a software product intended
for use by the general public for browsing the Web securely.

 

(b) Applicants should supply the following information:

 

(1) Confirmation that the applicant satisfies at least one of the
membership criteria (and if it satisfies more than one, indication of the
single category under which the applicant wishes to apply).

 

(2) URL of the current qualifying performance audit report.

 

(3) ( 2) The organization name, as you wish it to appear on the Forum Web
site and in official Forum documents.

 

(4) (3) URL of the applicant's main Web site.

 

(5) (4) Names and email addresses of employees who will participate in the
Forum mail list. 

 

(6) (5) Emergency contact information for security issues related to
certificate trust.

 

(7) Links or references to issued certificates that demonstrate compliance
with all applicable certificate, CRL, and OCSP requirements.

 

CA Applicants should supply the following additional information:

 

(6) URL of the current qualifying performance audit report.

 

(7) Links or references to issued certificates that demonstrate compliance
with all applicable certificate, CRL, and OCSP requirements.

 

 

(c) An Applicant shall become a Member once the Forum has determined by
vote consensus among the Members during a teleconference or meeting that
the Applicant meets all of the requirements of subsection (a) or, upon the
request of any Member, by a Ballot among the Members. A vote of Acceptance
by consensus shall be determined or a Ballot of the Members shall be held
as soon as the Applicant indicates that it has presented all information
required under subsection (b) and has responded to all follow-up questions
from the Forum and the Member has complied with the requirements of Section
5.5.

-- Motion Ends --

The review period for this ballot shall commence at 18:00 UTC on June 26,
2015, and will close at 18:00 UTC on July 3, 2015. Unless the motion is
withdrawn during the review period, the voting period will start
immediately thereafter and will close at 18:00 UTC on July 10, 2015. Votes
must be cast by posting an on-list reply to this thread.

A vote in favor of the motion must indicate a clear 'yes' in the response.
A vote against must indicate a clear 'no' in the response. A vote to
abstain must indicate a clear 'abstain' in the response. Unclear responses
will not be counted. The latest vote received from any representative of a
voting member before the close of the voting period will be counted. Voting
members are listed here:  <https://cabforum.org/members/>
https://cabforum.org/members/

In order for the motion to be adopted, two thirds or more of the votes cast
by members in the CA category and greater than 50% of the votes cast by
members in the browser category must be in favor. Also, at least seven
members must participate in the ballot, either by voting in favor, voting
against, or abstaining.

 

 

-----Original Message-----
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Sigbj帚rn Vik
Sent: Friday, July 03, 2015 2:31 AM
To: public at cabforum.org
Subject: Re: [cabfpub] Voting on Ballot 149 begins tomorrow

 

On 02-Jul-15 20:19,  <mailto:kirk_hall at trendmicro.com> kirk_hall at trendmicro.
com wrote:

 

[...]

> (b) Applicants should supply the following information:

[...]

> *(_7) Links or references to issued certificates that demonstrate 

> compliance with all applicable certificate, CRL, and OCSP 

> requirements._*

 

This doesn't make any sense for browser applicants. Neither does the
existing part (2), but with this addition this section becomes wronger.

 

How about a rewording to the following:

 

(b) Applicants should supply the following information:

(1)

(3)

(4)

(5)

(6)

CA applicants should additionally supply the following:

(2)

(7)

 

(Then renumber as necessary)

 

 

--

Sigbj帚rn Vik

Opera Software

_______________________________________________

Public mailing list

 <mailto:Public at cabforum.org> Public at cabforum.org

 <https://cabforum.org/mailman/listinfo/public>
https://cabforum.org/mailman/listinfo/public



 
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail
or
telephone and delete the original message from your mail system.

 



 
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail
or
telephone and delete the original message from your mail system.

 



本信件可能包含中華電信股份有限公司機密資訊,非指定之收件者,請勿蒐集、處理或利用本信件內容,並請銷毀此信件. 如為指定收件者,應確實保護郵件中本公司之營業機密及個人資料,不得任意傳佈或揭露,並應自行確認本郵件之附檔與超連結之安全性,以共同善盡資訊安全與個資保護責任. 
Please be advised that this email message (including any attachments) contains confidential information and may be legally privileged. If you are not the intended recipient, please destroy this message and all attachments from your system and do not further collect, process, or use them. Chunghwa Telecom and all its subsidiaries and associated companies shall not be liable for the improper or incomplete transmission of the information contained in this email nor for any delay in its receipt or damage to your system. If you are the intended recipient, please protect the confidential and/or personal information contained in this email with due care. Any unauthorized use, disclosure or distribution of this message in whole or in part is strictly prohibited. Also, please self-inspect attachments and hyperlinks contained in this email to ensure the information security and to protect personal information.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20150709/306eaf91/attachment-0001.html 


More information about the Public mailing list