[cabfpub] Cert Policy Working Group activity

Dean Coclin Dean_Coclin at symantec.com
Wed Sep 16 15:31:03 UTC 2015

Thanks Gerv, we will discuss at the next Policy WG meeting.


-----Original Message-----
From: Gervase Markham [mailto:gerv at mozilla.org]
Sent: Wednesday, September 16, 2015 4:51 AM
To: Dean Coclin; richard.smith at comodo.com; public at cabforum.org
Subject: Re: [cabfpub] Cert Policy Working Group activity

On 15/09/15 20:39, Dean Coclin wrote:
> On #2, the group felt that RFC 3647 contains the exact placeholders
> for the items currently in the network security requirements and
> that's why it made sense to merge those in. As many of you know, the
> Network Security requirements were composed after the Diginotar and
> Comodo incidents to address a gap in the BRs. Although they are not as
> stringent as some would have liked, they do provide meaningful
> improvements to the security of the ecosystem, with an opportunity for
> further enhancement as we review them again.

I have no objection to making people's lives easier... but if the Network 
Security Requirements were converted to an independent document in RFC3647 
format (and particularly if both documents were Markdown) then doing an 
automatic merge of the two, using the section numbers, to produce an 
unofficial unified document would be the work of a fairly short script, which 
I would be willing to write.

Is that a way forward which meets people's usability goals without formally 
combining the two documents?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5747 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150916/f74b7451/attachment-0001.p7s>

More information about the Public mailing list