[cabfpub] ballot 171-updating ETSI Standards in CABF documents

Eddy Nigg eddy_nigg at startcom.org
Tue Jun 28 02:09:26 MST 2016


Another YES from StartCom

On 06/24/2016 06:56 PM, Ben Wilson wrote:
>
> I've updated the text in GitHub and in so doing made a few minor 
> grammatical changes to the proposed revision of section 17.4 of the EV 
> Guidelines so  that it would read as follows:
>
> (4)  If the CA does not have a currently valid WebTrust Seal of 
> Assurance for CAs or an ETSI TS 102 042 EVCP audit or an ETSI EN 319 
> 411-1 audit for EVCP policy, then, before issuing EV Certificates, the 
> CA and its Root CA MUST successfully complete either: (i) a 
> point-in-time readiness assessment audit against the WebTrust for CA 
> Program, or (ii) a point-in-time readiness assessment audit against 
> the WebTrust EV Program, the ETSI TS 102 042 EVCP, or the ETSI EN 319 
> 411-1 for EVCP policy.
>
> IMHO -- I  think we could start voting on the  revised ballot at 2200 
> UTC because the changes to the language have been relatively minor 
> since the ballot was released last week.
>
> Ben
>
> *From:* public-bounces at cabforum.org 
> [mailto:public-bounces at cabforum.org] *On Behalf Of *Barreira Iglesias, 
> Iñigo
> *Sent:* Friday, June 24, 2016 4:47 AM
> *To:* 'public at cabforum.org' <public at cabforum.org>
> *Subject:* [cabfpub] ballot 171-updating ETSI Standards in CABF documents
>
> Hi,
>
> This is how the ballot will look like accepting the changes proposed 
> by Erwann. As this has been done during the review period, and then 
> the changes accepted during this period, would be enough to resubmit 
> again as it is, or should we go thru another review period of 1 week. 
> I´m not familiar with the procedure so if it´s ok as it´s now, the 
> voting period will start tonight I think.
>
> Regards
>
> *Ballot 171 -- Updating the ETSI standards in the CABF documents*
>
> The following motion has been proposed by Iñigo Barreira of Izenpe and 
> endorsed by Mads Henriksveen of Buypass, Jochem van den Berge of 
> Logius PKIoverheid and Arno Fiedler of D-trust
>
> -- MOTION BEGINS --
>
> *In the BRs,*
>
> In section 1.6.3 References, change:
>
> ETSI TS 119 403, Electronic Signatures and Infrastructures (ESI); 
> Trust Service Provider Conformity Assessment - General Requirements 
> and Guidance.
>
> With
>
> ETSI EN 319 403, Electronic Signatures and Infrastructures (ESI); 
> Trust Service Provider Conformity Assessment - Requirements for 
> conformity assessment bodies assessing Trust Service Providers
>
> and add:
>
> ETSI EN 319 411-1, Electronic Signatures and Infrastructures (ESI); 
> Policy and security requirements for Trust Service Providers issuing 
> certificates;
>
> Part 1: General requirements
>
> In section 8.2 Identity/qualification of assessor, point 4, change:
>
> 4. (For audits conducted in accordance with any one of the ETSI 
> standards) accredited in accordance with ETSI TS 119 403, or 
> accredited to conduct such audits under an equivalent national scheme, 
> or accredited by a national accreditation body in line with ISO 27006 
> to carry out ISO 27001 audits;
>
> With
>
> 4. (For audits conducted in accordance with any one of the ETSI 
> standards) accredited in accordance with ISO 17065 applying the 
> requirements specified in ETSI EN 319 403;
>
> In section 8.4 Topics covered by assessment, point 2, change:
>
> 2. A national scheme that audits conformance to ETSI TS 102 042;
>
> With
>
> 2. A national scheme that audits conformance to ETSI TS 102 042/ ETSI 
> EN 319 411-1;
>
> *In the EV guidelines,*
>
> In section 8.2.1 Implementation, point (B), change:
>
> (B)Implement the requirements of (i) the then-current WebTrust Program 
> for CAs, and (ii) the then-current WebTrust
>
> EV Program or ETSI TS 102 042; and
>
> With
>
> (B)Implement the requirements of (i) the then-current WebTrust Program 
> for CAs, and (ii) the then-current WebTrust
>
> EV Program or ETSI TS 102 042 for EVCP or ETSI EN 319 411-1 for EVCP 
> policy; and
>
> In section 8.2.2 Disclosure, change:
>
> The CA is also REQUIRED to publicly disclose its CA business practices 
> as required by both WebTrust for CAs and ETSI TS 102 042.
>
> With
>
> The CA is also REQUIRED to publicly disclose its CA business practices 
> as required by WebTrust for CAs and ETSI TS 102 042 and ETSI EN 319 411-1.
>
> In section 17.1 Eligible audit schemes, point (ii), change:
>
> (ii) ETSI TS 102 042 audit
>
> With
>
> (ii) ETSI TS 102 042 audit for EVCP, or
>
> (iii) ETSI EN 319 411-1 audit for EVCP policy
>
> In section 17.4 pre-issuance readiness audit, after point (2), add:
>
> (3) If the CA has a currently valid ETSI EN 319 411-1 audit for EVCP 
> policy, then, before issuing EV Certificates, the CA and its Root CA 
> MUST successfully complete a point-in-time readiness assessment audit 
> against ETSI EN 319 411-1 for EVCP.
>
> and change:
>
> (3) If the CA does not have a currently valid WebTrust Seal of 
> Assurance for CAs or an ETSI 102 042 audit, then, before
>
> issuing EV Certificates, the CA and its Root CA MUST successfully 
> complete either: (i) a point-in-time readiness
>
> assessment audit against the WebTrust for CA Program, or (ii) a 
> point-in-time readiness assessment audit against the
>
> WebTrust EV Program, or an ETSI TS 102 042 audit.
>
> With
>
> (4) If the CA does not have a currently valid WebTrust Seal of 
> Assurance for CAs or or an ETSI TS 102 042 EVCP or an ETSI EN 319 
> 411-1 audit for EVCP policy, then, before issuing EV Certificates, the 
> CA and its Root CA MUST successfully complete either: (i) a 
> point-in-time readiness assessment audit against the WebTrust for CA 
> Program, or (ii) a point-in-time readiness assessment audit against 
> the WebTrust EV Program, or an ETSI TS 102 042 EVCP, or an ETSI EN 319 
> 411-1 for EVCP policy.
>
> -- MOTION ENDS --
>
> The review period for this ballot shall commence at 2200 UTC on 17 
> June 2016, and will close at 2200 UTC on 24 June 2016. Unless the 
> motion is withdrawn during the review period, the voting period will 
> start immediately thereafter and will close at 2200 UTC on 1 July 
> 2016. Votes must be cast by posting an on-list reply to this thread.
>
> A vote in favor of the motion must indicate a clear 'yes' in the 
> response. A vote against must indicate a clear 'no' in the response. A 
> vote to abstain must indicate a clear 'abstain' in the response. 
> Unclear responses will not be counted. The latest vote received from 
> any representative of a voting member before the close of the voting 
> period will be counted. Voting members are listed here: 
> https://cabforum.org/members/
>
> In order for the motion to be adopted, two thirds or more of the votes 
> cast by members in the CA category and greater than 50% of the votes 
> cast by members in the browser category must be in favor. Quorum is 
> currently ten (10) members-- at least ten members must participate in 
> the ballot, either by voting in favor, voting against, or abstaining.
>
> *Iñigo Barreira*
> Responsable del Área técnica
> i-barreira at izenpe.eus <mailto:i-barreira at izenpe.eus>
>
> 945067705
>
> Descripción: firma_email_Izenpe_eus
>
> ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta 
> egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada 
> (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, 
> korreo honi erantzuna. KONTUZ!
> ATENCION! Este mensaje contiene informacion privilegiada o 
> confidencial a la que solo tiene derecho a acceder el destinatario. Si 
> usted lo recibe por error le agradeceriamos que no hiciera uso de la 
> informacion y que se pusiese en contacto con el remitente.
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-- 
Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20160628/6c8a1f71/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 24339 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20160628/6c8a1f71/attachment-0001.jpe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20160628/6c8a1f71/attachment-0001.bin 


More information about the Public mailing list