[cabfpub] Ballot 146 - Convert Baseline Requirements to RFC 3647 Framework

Dean Coclin Dean_Coclin at symantec.com
Fri Mar 20 15:31:58 UTC 2015


OK, we can circle back on this around April 3rd.


Dean

 

From: Ryan Sleevi [mailto:sleevi at google.com] 
Sent: Friday, March 20, 2015 12:21 AM
To: Ben Wilson
Cc: CABFPub; Dean Coclin
Subject: RE: [cabfpub] Ballot 146 - Convert Baseline Requirements to RFC 3647 Framework

 

Thanks Ben, Dean, and for everyone who has worked so hard in contributing to this effort.

Seeing how hard it has been for CAs to meet the Baseline Requirements, and how frequently they have still passed their audits with flying colors while doing egregious violations, I'm profoundly appreciative of the work to make the BRs (and EVGs) something that more people can crosscheck and review against CA's CP/CPSes. My hope is that everything was able to be successfully captured, and I appreciate the extra time to review and provide further questions.

On Mar 19, 2015 9:01 PM, "Ben Wilson" <ben.wilson at digicert.com> wrote:

I’m fine, too, with adding one additional week to the ballot review period and then extending it another week if needed.

 

From: Dean Coclin [mailto:Dean_Coclin at symantec.com] 
Sent: Thursday, March 19, 2015 6:58 PM
To: Ryan Sleevi; Ben Wilson
Cc: CABFPub
Subject: RE: [cabfpub] Ballot 146 - Convert Baseline Requirements to RFC 3647 Framework

 

I would be supportive of extending this. It sounds like the benefits were made evident in your recent review of CPS documents and we hope others will also feel the same. 

 

Dean

 

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Ryan Sleevi
Sent: Thursday, March 19, 2015 6:35 PM
To: Ben Wilson
Cc: CABFPub
Subject: Re: [cabfpub] Ballot 146 - Convert Baseline Requirements to RFC 3647 Framework

 

Thanks for continuing to push on this, Ben.

 

>From our point of view, this is a huge change. It's probably a good one (as discussed during the F2F, this could be tremendously helpful). But it's going to take a lot of careful review for us to cross-check the CP Review WG's work, in part because I can't seem to find public archives that might be able to answer questions.

 

Because of this, I'm not sure if we'll be able to complete the review by the time the ballot closes. If that happens, we may decide to vote against it, simply on the "needs more time", even though, as discussed during the F2F, I think we'd be quite supportive of this effort (having reviewed several CA's CP/CPS this week, I certainly found myself using the draft as a helpful crib sheet).

 

Since we haven't really looked closely at this until the discussions at the most recent F2F, would you and the cosponsors be willing to delay starting this ballot by a week (or two), and/or seek to extend the review period? This is probably the single largest change the Forum has ever proposed, and I want to make sure it gets the due attention it deserves, while also not delaying it indefinitely for "more review".

 

Would that be something you would be OK with?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150320/2749a7da/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6130 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150320/2749a7da/attachment-0001.p7s>


More information about the Public mailing list