[cabfpub] Sunset for exceptions?
Peter Bowen
pzb at amzn.com
Tue Feb 2 12:14:44 UTC 2016
I think more than enough full members have agreed to propose and endorse:
Richard Barnes of Mozilla
Eddy Nigg of StartCom
Jeremy Rowley of DigiCert
Adriano Santoni of Actalis
Ryan Sleevi of Google
Can whoever doles out ballot numbers please assign a number and can the review period please be initiated?
Thanks,
Peter
> On Jan 19, 2016, at 10:27 PM, Peter Bowen <pzb at amzn.com> wrote:
>
> How about this?
>
> Ballot XXX - Sunset of exceptions
>
> The following motion has been proposed by ______________ of _________ and endorsed by __________ of _________ and _________ of _________.
>
> -----BEGIN MOTION-----
>
> 1) Modify section 6.1.7 of the Baseline Requirements to add items 5(f) and 5(g) which read:
>
> f. The CA signs the Subscriber Certificate on or before June 30, 2016
>
> g. The notBefore field in the Subscriber Certificate has a date on or before June 30, 2016
>
> 2) Modify section 6.3.2 of the Baseline Requirements to replace the words "Beyond 1 April 2015" with the words "Until 30 June 2016"
>
> -----END MOTION-----
>
>
>> On Jan 19, 2016, at 10:06 PM, Eddy Nigg <eddy_nigg at startcom.org <mailto:eddy_nigg at startcom.org>> wrote:
>>
>> Dito.
>>
>> On 01/20/2016 01:25 AM, Jeremy Rowley wrote:
>>> I’m happy to make the motion or endorse removal of these exceptions.
>>> <>
>>> From: public-bounces at cabforum.org <mailto:public-bounces at cabforum.org> [mailto:public-bounces at cabforum.org <mailto:public-bounces at cabforum.org>] On Behalf Of Peter Bowen
>>> Sent: Tuesday, January 19, 2016 4:09 PM
>>> To: Ryan Sleevi
>>> Cc: CABFPub
>>> Subject: Re: [cabfpub] Sunset for exceptions?
>>>
>>> On Jan 19, 2016, at 2:57 PM, Ryan Sleevi <sleevi at google.com <mailto:sleevi at google.com>> wrote:
>>> On Tue, Jan 19, 2016 at 11:27 AM, Peter Bowen <pzb at amzn.com <mailto:pzb at amzn.com>> wrote:
>>> The BRs contain at least two allowances for “legacy” certificate issuance:
>>>
>>> 6.1.7 (5) allows direct issuance of subscriber certificates from a root CA
>>>
>>> 6.3.2 allows certificates with validity periods longer than 39 months
>>>
>>> Are these still needed? Are CAs relying upon these exceptions? If not, does it make sense to ballot to remove these from the BRs?
>>>
>>> Peter, I'd be happy to support a ballot if you want to propose one. That tends to be the only way to get timely responses - the discussion period of the ballot.
>>>
>>> As an Associate Member, I cannot propose ballots. Only those who have a full period-of-time audit can propose ballots. Or at least that is my read of the bylaws.
>>>
>>>
>>>
>>> _______________________________________________
>>> Public mailing list
>>> Public at cabforum.org <mailto:Public at cabforum.org>
>>> https://cabforum.org/mailman/listinfo/public <https://cabforum.org/mailman/listinfo/public>
>>
>> --
>> Regards
>>
>> Signer: Eddy Nigg, COO/CTO
>> StartCom Ltd. <http://www.startcom.org/>
>> XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
>> Blog: Join the Revolution! <http://blog.startcom.org/>
>> Twitter: Follow Me <http://twitter.com/eddy_nigg>
>>
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org <mailto:Public at cabforum.org>
>> https://cabforum.org/mailman/listinfo/public <https://cabforum.org/mailman/listinfo/public>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160202/caec5bbb/attachment-0002.html>
More information about the Public
mailing list