[cabfpub] Ballot 168: Baseline Requirements Corrections (Revised)
Andrew R. Whalley
awhalley at google.com
Thu Apr 28 21:46:06 UTC 2016
I made the changes in a git branch to more easily see the diffs:
(And just sent a pull request in case it's useful in the official repo,
though it could probably do with a double check)
On Tue, Apr 26, 2016 at 1:10 PM, kirk_hall at trendmicro.com <
kirk_hall at trendmicro.com> wrote:
> Peter, is it possible for you to post the ballot also in a "track changes"
> mode? That way, we will not all be required to pull out a copy of the BRs
> to understand what your proposed changes are.
> Sent from my iPhone
> > On Apr 26, 2016, at 9:44 AM, Peter Bowen <pzb at amzn.com> wrote:
> > Thank you to HARICA and Comodo for endorsing. With that the review
> > period is now open. If anyone has comments or objections, please reply on
> > Thanks,
> > Peter
> > Ballot 168: Baseline Requirements Corrections (Revised)
> > The following motion has been proposed by Peter Bowen of Amazon and
> > endorsed by Dimitris Zacharopoulos of HARICA and Rich Smith of Comodo:
> > Background:
> > A number of small corrections and clarifications to the Baseline
> > Requirements have been identified. These are, in general, changes that
> > reflect the existing understanding of the Baseline Requirements by the
> > Forum. Due to the understanding that these primarily represent existing
> > practice, they are combined for efficiency.
> > -- MOTION BEGINS --
> > Effective the date of passage, the following modifications to the
> > Baseline Requirements are adopted:
> > In Section 1.6.1:
> > * In the definition of "Applicant Representative", replace "and agrees
> > the CA" at the end of the definition;
> > * In the definition of "Country", replace "soverign nation" with
> > "Soverign State";
> > of the definition;
> > In Section 1.6.3:
> > * Delete RFC2560;
> > * Insert "RFC6960, Request for Comments: 6960, X.509 Internet Public Key
> > Infrastructure Online Certificate Status Protocol - OCSP. Santesson, Myers,
> > Ankney, Malpani, Galperin, Adams, June 2013.";
> > * Delete X.509v3
> > * Insert "X.509, Recommendation ITU-T X.509 (10/2012) | ISO/IEC
> > 9594-8:2014 (E), Information technology – Open Systems Interconnection –
> > The Directory: Public-key and attribute certificate frameworks."
> > Move the content in section 3.3.1 to section 4.2.1 to become the third
> > paragraph in 4.2.1 and leave section 3.3.1 blank.
> > In section 4.9.9, replace all occurrences of "RFC2560" with "RFC6960".
> > In section 5.2.2, insert "CA" immediately before "Private Key".
> > In section 6.1.2, append "without authorization by the Subscriber" to
> > the end of the first sentence.
> > In section 6.1.6, update the last citation to read: "[Source: Sections
> > 126.96.36.199.2 and 188.8.131.52.3, respectively, of NIST SP 56A: Revision 2]"
> > In section 6.2, in the second sentence, insert "CA" immediately before
> > both instances of "Private Key".
> > In section 6.2.5, append "without authorization by the Subordinate CA"
> > to the end of the sentence.
> > In sections 184.108.40.206(e) and 220.127.116.11(h) change the organizationName line
> > to read:
> > - organizationName (OID 18.104.22.168): This field MUST be present and the
> > contents MUST contain either the Subject CA’s name or DBA as verified under
> > Section 22.214.171.124. The CA may include information in this field that differs
> > slightly from the verified name, such as common variations or
> > abbreviations, provided that the CA documents the difference and any
> > abbreviations used are locally accepted abbreviations; e.g., if the
> > official record shows “Company Name Incorporated”, the CA MAY use “Company
> > Name Inc.” or “Company Name”.
> > In section 126.96.36.199(d), replace the text with “The cA field MUST NOT be
> > Replace "Subordiate" with "Subordinate" in the title of 188.8.131.52.
> > In section 9.6.1 item 6:
> > * Insert "are the same entity or" immediately prior to "are Affiliated";
> > * Remove "and accepted".
> > In section 9.6.3 item 2, replace "maintain sole control" with "assure
> > In the following sections, replace all occurrences of "Subscriber or
> > * Section 1.6.1, in the definition of "Subscriber"
> > * Section 4.1.2
> > * Section 184.108.40.206
> > * Section 4.9.11
> > * Section 9.6.1
> > * Section 9.6.3
> > -- MOTION ENDS --
> > The review period for this ballot shall commence at 1740 UTC on 26 April
> > 2016, and will close at 2200 UTC on 3 May 2016. Unless the motion is
> > withdrawn during the review period, the voting period will start
> > immediately thereafter and will close at 2200 UTC on 10 May 2016. Votes
> > must be cast by posting an on-list reply to this thread.
> > A vote in favor of the motion must indicate a clear 'yes' in the
> > response. A vote against must indicate a clear 'no' in the response. A vote
> > to abstain must indicate a clear 'abstain' in the response. Unclear
> > responses will not be counted. The latest vote received from any
> > representative of a voting member before the close of the voting period
> > will be counted. Voting members are listed here:
> > _______________________________________________
> > Public mailing list
> > Public at cabforum.org
> > https://cabforum.org/mailman/listinfo/public