[cabfpub] Cert Policy Working Group activity

Rich Smith richard.smith at comodo.com
Fri Sep 11 20:53:17 UTC 2015


I'm in agreement with Gerv here, though for different reasons.  If we're
converting the BR to 3647 format that, for the first step, should be ALL
that is done to it.  It's going to be hard enough to review and check for
completion and errors just shifting around the existing BR text.  Scope of
the working group aside, if the Forum as a whole even decides that merging
these two documents is a good idea, it is definitely NOT something that
should be done at the same time as completely re-arranging the current BRs.
It will be far too confusing and prone to possible errors, insertions or
omissions.  Obviously not everyone thinks it is even a good idea, therefore
I think that it's something that should be brought to a specific vote before
it's even begun.

In the BR reformat process the ONLY changes made should be those absolutely
required for the document to continue to make grammatical sense in its new
format.  Wherever possible the text from the existing document SHOULD be
copied to its new location verbatim without changes, and any changes made
MUST be documented rigorously so that they can be properly reviewed for
accuracy of original intent.  That's my two cents.  It seems to me that the
task of re-formatting the BR, if done to this standard, ought to be enough
of a task to not need to throw more at it by trying to merge another
document into it at the same time.

Regards,
Rich

> -----Original Message-----
> From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org]
> On Behalf Of Gervase Markham
> Sent: Friday, September 11, 2015 9:15 AM
> To: Dean Coclin; public at cabforum.org
> Subject: Re: [cabfpub] Cert Policy Working Group activity
> 
> Hi Dean,
> 
> On 10/09/15 21:48, Dean Coclin wrote:
> > As many are aware the Cert Policy Working Group of the CA/B Forum has
> > been working to transition the Baseline Requirements from the current
> > format to RFC 3647 format. As part of this effort, which has taken
> > quite a bit of time, it made sense to pull in the Network Security
> > Guidelines and merge them into the 3647 document.
> 
> I hate to be a killjoy, but I'm not sure it does make sense, but I also
> think it's out of scope for the CP Working Group, on a plain reading of
> the scope from Ballot 128, which set it up:
> 
> "Scope: The CP Review Working Group will (i) consider existing and
> proposed standards, (ii) create a list of potential improvements based
> on the considered standards that improve the existing CAB Forum work
> product, (iii) evaluate the transition to a 3647 format based on the
> amount."
> 
> [That last bullet seems to be poor English; I'm not entirely sure what
> "based on the amount" is supposed to mean. Amount of what? Why should
> the amount of potential improvements from NIST IR determine whether or
> not we convert to 3647? Anyway...]
> 
> The particular proposed standard in view when it was formed was the
> NIST IR guidelines. Merging two existing CAB Forum documents does not
> seem in scope to me.
> 
> Mozilla is not keen on merging the two documents because our root
> program requires adherence to the BRs but not to the Network Security
> guidelines.
> 
> > It became clear that
> > adding best practices from these various documents to the new work
> > product will serve to improve security for all CAs and the ecosystem
> > as a whole.
> 
> I would expect to see each change become an individual topic of
> discussion and perhaps a proposed ballot for the main Forum. Is that
> what you expect?
> 
> "Deliverables: The Working Group will produce topics of discussion and
> proposed ballots that improve the CA infrastructure based on existing
> standards and documents."
> 
> Gerv
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6378 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150911/972a3218/attachment-0003.bin>


More information about the Public mailing list