[cabfpub] Sunset for exceptions?

Peter Bowen pzb at amzn.com
Tue Feb 2 12:14:44 UTC 2016


I think more than enough full members have agreed to propose and endorse:
Richard Barnes of Mozilla
Eddy Nigg of StartCom
Jeremy Rowley of DigiCert
Adriano Santoni of Actalis
Ryan Sleevi of Google

Can whoever doles out ballot numbers please assign a number and can the review period please be initiated?

Thanks,
Peter

> On Jan 19, 2016, at 10:27 PM, Peter Bowen <pzb at amzn.com> wrote:
> 
> How about this?
> 
> Ballot XXX - Sunset of exceptions
> 
> The following motion has been proposed by ______________ of _________ and endorsed by __________ of _________ and _________ of _________.
> 
> -----BEGIN MOTION-----
> 
> 1) Modify section 6.1.7 of the Baseline Requirements to add items 5(f) and 5(g) which read:
> 
> f. The CA signs the Subscriber Certificate on or before June 30, 2016 
> 
> g. The notBefore field in the Subscriber Certificate has a date on or before June 30, 2016
> 
> 2) Modify section 6.3.2 of the Baseline Requirements to replace the words "Beyond 1 April 2015" with the words "Until 30 June 2016"
> 
> -----END MOTION-----
> 
> 
>> On Jan 19, 2016, at 10:06 PM, Eddy Nigg <eddy_nigg at startcom.org <mailto:eddy_nigg at startcom.org>> wrote:
>> 
>> Dito.
>> 
>> On 01/20/2016 01:25 AM, Jeremy Rowley wrote:
>>> I’m happy to make the motion or endorse removal of these exceptions. 
>>>   <>
>>> From: public-bounces at cabforum.org <mailto:public-bounces at cabforum.org> [mailto:public-bounces at cabforum.org <mailto:public-bounces at cabforum.org>] On Behalf Of Peter Bowen
>>> Sent: Tuesday, January 19, 2016 4:09 PM
>>> To: Ryan Sleevi
>>> Cc: CABFPub
>>> Subject: Re: [cabfpub] Sunset for exceptions?
>>>  
>>> On Jan 19, 2016, at 2:57 PM, Ryan Sleevi <sleevi at google.com <mailto:sleevi at google.com>> wrote:
>>> On Tue, Jan 19, 2016 at 11:27 AM, Peter Bowen <pzb at amzn.com <mailto:pzb at amzn.com>> wrote:
>>> The BRs contain at least two allowances for “legacy” certificate issuance:
>>> 
>>> 6.1.7 (5) allows direct issuance of subscriber certificates from a root CA
>>> 
>>> 6.3.2 allows certificates with validity periods longer than 39 months
>>> 
>>> Are these still needed?  Are CAs relying upon these exceptions?  If not, does it make sense to ballot to remove these from the BRs?
>>>  
>>> Peter, I'd be happy to support a ballot if you want to propose one. That tends to be the only way to get timely responses - the discussion period of the ballot. 
>>>  
>>> As an Associate Member, I cannot propose ballots.  Only those who have a full period-of-time audit can propose ballots.  Or at least that is my read of the bylaws.
>>>  
>>> 
>>> 
>>> _______________________________________________
>>> Public mailing list
>>> Public at cabforum.org <mailto:Public at cabforum.org>
>>> https://cabforum.org/mailman/listinfo/public <https://cabforum.org/mailman/listinfo/public>
>> 
>> -- 
>> Regards 
>>  
>> Signer: 	Eddy Nigg, COO/CTO
>>  	StartCom Ltd. <http://www.startcom.org/>
>> XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
>> Blog: 	Join the Revolution! <http://blog.startcom.org/>
>> Twitter: 	Follow Me <http://twitter.com/eddy_nigg>
>>  
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org <mailto:Public at cabforum.org>
>> https://cabforum.org/mailman/listinfo/public <https://cabforum.org/mailman/listinfo/public>
> 
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160202/caec5bbb/attachment-0002.html>


More information about the Public mailing list