[cabfpub] Ballot 174 - Reform of Requirements Relating to Conflicts with Local Law

Gervase Markham gerv at mozilla.org
Tue Aug 2 09:44:33 UTC 2016


Here is a draft ballot on section 9.16.3. It has been wordsmithed a bit
to hopefully cover all situations and make it tighter. If anyone has
further comments, please provide them in a timely fashion :-) If there
are no substantive comments soon, I will begin the formal review period.

Gerv

*Ballot 174 - Reform of Requirements Relating to Conflicts with Local Law *

The following motion has been proposed by Gervase Markham of Mozilla and
endorsed by Kirk Hall of Entrust and Moudrick Dadashov of SSC:

*Statement of Intent:* The purpose of this change is to reform section
9.16.3 of the BRs, titled "Severability", which deals with what a CA
must do when it encounters a conflict between the requirements of a
jurisdiction under which it operates and the requirements of the BRs. At
the moment, this clause is triggered only by a court determination
rather than by the CA encountering a conflict, which makes it unlikely
to ever be triggered, and it requires notification to the CAB Forum but
not documentation of the outcome. The current clause is:

9.16.3. Severability

If a court or government body with jurisdiction over the activities
covered by these Requirements determines that the performance of any
mandatory requirement is illegal, then such requirement is considered
reformed to the minimum extent necessary to make the requirement valid
and legal. This applies only to operations or certificate issuances that
are subject to the laws of that jurisdiction.  The parties involved
SHALL notify the CA / Browser Forum of the facts, circumstances, and
law(s) involved, so that the CA/Browser Forum may revise these
Requirements accordingly.

*--Motion Begins--
*

*
*

Delete section 9.16.3 from the Baseline Requirements in its entirety and
replace it with the following:

9.16.3. Severability

In the event of a conflict between these Requirements and a law,
regulation or government order (hereinafter 'Law') of any jurisdiction
in which a CA operates or issues certificates, a CA MAY modify any
conflicting requirement to the minimum extent necessary to make the
requirement valid and legal in the jurisdiction. This applies only to
operations or certificate issuances that are subject to that Law. In
such event, the CA SHALL immediately (and prior to issuing a certificate
under the modified requirement) include in Section 9.16.3 of the CA’s
CPS a detailed reference to the Law requiring a modification of these
Requirements under this section, and the specific modification to these
Requirements implemented by the CA.

The CA MUST also (prior to issuing a certificate under the modified
requirements) notify the CA/Browser Forum of the relevant information
newly added to its CPS by sending a message to questions at cabforum.org
and receiving confirmation that it has been posted to the Public Mailing
List and is indexed in the Public Mail Archives available at
https://cabforum.org/pipermail/public/ (or such other email addresses
and links as the Forum may designate), so that the CA/Browser Forum may
consider possible revisions to these Requirements accordingly.

Any modification to CA practice enabled under this section MUST be
discontinued if and when the Law no longer applies, or these
Requirements are modified to make it possible to comply with both them
and the Law simultaneously. An appropriate change in practice,
modification to the CA’s CPS and a notice to the CA/Browser Forum, as
outlined above, MUST be made within 90 days.

CAs are required to make this change to their processes by a date 90
days from the date this ballot passes.


*--Motion Ends--
*


**

The review period for this ballot shall commence immediately and close
at 2200 UTC on XXX. Unless the motion is withdrawn during the review
period, the voting period will start immediately thereafter and will
close at 2200 UTC on XXX. Votes must be cast by posting an on-list reply
to this thread.

A vote in favor of the motion must indicate a clear 'yes' in the
response. A vote against must indicate a clear 'no' in the response. A
vote to abstain must indicate a clear 'abstain' in the response. Unclear
responses will not be counted. The latest vote received from any
representative of a voting member before the close of the voting period
will be counted. Voting members are listed here:
https://cabforum.org/members/

In order for the motion to be adopted, two thirds or more of the votes
cast by members in the CA category and greater than 50% of the votes
cast by members in the browser category must be in favor. Quorum is
currently ten (10) members – at least ten members must participate in
the ballot, either by voting in favor, voting against, or abstaining.

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160802/3d07d5c8/attachment-0002.html>


More information about the Public mailing list