[cabfpub] BRs section 9.16.3 (exception for laws)

Rich Smith richard.smith at comodo.com
Wed Apr 27 19:30:41 UTC 2016

None of this addresses a gag order by said jurisdiction, which IMO is 
quite likely in a case wherein a government put such a requirement on a 
CA, at least in any case where such deviation from the BRs is truly of 
any concern.  Dead man switch?

On 4/27/2016 12:44 PM, Ryan Sleevi wrote:
> Jeremy,
> I don't believe your proposal addresses the necessary transparency and 
> disclosure that the CA ecosystem needs for such matters. Is there a 
> reason you removed that language, or was it merely an oversight in 
> addressing the other issue you highlighted?
> On Wed, Apr 27, 2016 at 10:40 AM, Jeremy Rowley
> <jeremy.rowley at digicert.com> wrote:
>     Some CAs may not "want" to deviate from a requirement but may be
>     forced to by regulation. They also won't "deviate from... these
>     Requirements" because the requirements are reformed to the extent
>     necessary to accommodate for the law.
>     How about:
>     _A CA that issues a certificate under a requirement reformed
>     through an action of a court or government body with jurisdiction
>     SHALL list the reformed requirement in Section 9.16.3 of the CA's
>     CPS prior to issuing a certificate and include (in Section 9.16.3
>     of the CA's CPS) a reference to the law or government order
>     requiring a reformation under this section._
>     *From:* public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] *On Behalf Of* Gervase Markham
>     *Sent:* Wednesday, April 27, 2016 10:38 AM
>     *To:* CABFPub <public at cabforum.org>
>     *Subject:* [cabfpub] BRs section 9.16.3 (exception for laws)
>     Hi everyone,
>     At the last CAB Forum meeting, we had a discussion about BRs
>     section 9.16.3, and the possibility that it allows CAs to violate
>     the BRs without appropriate notification. After the CAB Forum
>     meeting, the following amendment (which I have tweaked) was
>     helpfully suggested by one participant in the conversation. The aim
>     is to bring transparency, so anyone in violation under this clause
>     is at least documented, and we can consider revisions to the BRs
>     accordingly.
>     What do people think?
>     Gerv
>     *9.16.3. Severability*
>     If a court or government body with jurisdiction over the
>     activities covered by these Requirements determines that the
>     performance of any mandatory requirement is illegal, then such
>     requirement is considered reformed to the minimum extent necessary
>     to make the requirement valid and legal. This applies only to
>     operations or certificate issuances that are subject to the laws
>     of that jurisdiction. The parties involved SHALL notify the CA /
>     Browser Forum _by sending a detailed message to
>     questions at cabforum.org_ of the facts, circumstances, and
>     law(s) involved, _and receiving confirmation of the receipt of the
>     message by the CA/Browser Forum,_ so that the CA/Browser Forum may
>     _consider possible revisions to these_ Requirements accordingly.
>     _Any CA that wants to deviate from any mandatory requirement of
>     these Requirements as written on the basis of this Section 9.16.3
>     must list all such non-conformity (including a reference to the
>     specific Requirement(s) subject to deviation) in Section 9.16.3 of
>     the CA's CPS before deviating from the Requirement(s), and include
>     in such disclosure the facts, circumstances, and law(s) involved._
>     _______________________________________________
>     Public mailing list
>     Public at cabforum.org <mailto:Public at cabforum.org>
>     https://cabforum.org/mailman/listinfo/public
