[cabfpub] Ballot 160 - Amend Section 4 of Baseline Requirements

Moudrick M. Dadashov md at ssc.lt
Tue Feb 2 19:38:52 MST 2016 

SSC votes: "Yes".

Thanks,
M.D.

On 1/26/2016 5:02 PM, Ben Wilson wrote:
>
> Thanks, Ryan.  Here is the amended Ballot 160:
>
> Ballot 160 - Amend Section 4 of Baseline Requirements
>
> The Policy Review Working Group has reviewed Section 4 of the Baseline 
> Requirements and, as a result, suggests that certain changes be made. 
> Therefore, the following motion has been proposed by Ben Wilson of 
> DigiCert and endorsed by Tim Hollebeek of Trustwave and Kirk Hall of 
> TrendMicro:
>
> -- MOTION BEGINS --
>
> 1) In Sections 4.2.3, 4.3.2, 4.4.1, 4.4.2, 4.4.3, 4.5.2, 4.6.1, 4.6.2, 
> 4.6.3, 4.6.4, 4.6.5, 4.6.6, 4.6.7., 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 
> 4.7.6, 4.7.7, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, 4.8.6, 4.8.7, 4.9.4, 
> 4.9.8, 4.10.3, 4.11, and 4.12.1, add "No stipulation."
>
> 2) In Sections 4.9.14, 4.9.15, 4.9.16, and 4.12.2, add "Not applicable."
>
> 3) In Section 4.5.1, add "See Section 9.6.3, provisions 2. and 4."
>
> 4) In Section 4.9.2, add "The Subscriber, RA, or Issuing CA can 
> initiate revocation. Additionally, Subscribers, Relying Parties, 
> Application Software Suppliers, and other third parties may submit 
> Certificate Problem Reports informing the Issuing CA of reasonable 
> cause to revoke the certificate. "
>
> 5) In Section 4.9.6, add "No stipulation. (Note: Following certificate 
> issuance, a certificate may be revoked for reasons stated in Section 
> 4.9.1. Therefore, relying parties should check the revocation status 
> of all certificates that contain a CDP or OCSP pointer.)"
>
> -- MOTION ENDS --
>
> The review period for this ballot shall commence at 2300 UTC on 21 
> January 2016, and will close at 2300 UTC on 28 January 2016. Unless 
> the motion is withdrawn during the review period, the voting period 
> will start immediately thereafter and will close at 2300 UTC on 4 
> February 2016. Votes must be cast by posting an on-list reply to this 
> thread.
>
> A vote in favor of the motion must indicate a clear 'yes' in the 
> response. A vote against must indicate a clear 'no' in the response. A 
> vote to abstain must indicate a clear 'abstain' in the response. 
> Unclear responses will not be counted. The latest vote received from 
> any representative of a voting member before the close of the voting 
> period will be counted. Voting members are listed here: 
> https://cabforum.org/members/
>
> In order for the motion to be adopted, two thirds or more of the votes 
> cast by members in the CA category and greater than 50% of the votes 
> cast by members in the browser category must be in favor. Quorum is 
> currently nine (9) members– at least nine members must participate in 
> the ballot, either by voting in favor, voting against, or abstaining.
>
> *From:*Ryan Sleevi [mailto:sleevi at google.com]
> *Sent:* Friday, January 22, 2016 8:05 PM
> *To:* Ben Wilson <ben.wilson at digicert.com>
> *Cc:* CABFPub <public at cabforum.org>
> *Subject:* Re: [cabfpub] Ballot 160 - Amend Section 4 of Baseline 
> Requirements
>
> On Thu, Jan 21, 2016 at 2:51 PM, Ben Wilson <ben.wilson at digicert.com 
> <mailto:ben.wilson at digicert.com>> wrote:
>
>     Ballot 160 - Amend Section 4 of Baseline Requirements
>
>     The Policy Review Working Group has reviewed Section 4 of the
>     Baseline Requirements and, as a result, suggests that certain
>     changes be made. Therefore, the following motion has been proposed
>     by Ben Wilson of DigiCert and endorsed by Tim Hollebeek of
>     Trustwave and Kirk Hall of TrendMicro:
>
>     -- MOTION BEGINS --
>
>     4) In Section 4.9.2, add "The Subscriber can initiate revocation.
>     Third parties can request revocation in accordance with Section
>     4.9.3. See also Section 3.4."
>
> Ben, sorry for the delay in replying to your suggestion. I provided 
> the justification in the other thread (Ballot 159), but my suggestion was:
>
> "The Subscriber, RA, or Issuing CA can initiate revocation. 
> Additionally, Subscribers, Relying Parties, Application Software 
> Suppliers, and other third parties may submit Certificate Problem 
> Reports [to the Issuing CA? informing the issuing CA?] of reasonable 
> cause to revoke the certificate."
>
> How does that work for you and the endorsers?
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20160203/efdb08cb/attachment.html

More information about the Public mailing list