[cabfpub] Ballot 168: Baseline Requirements Corrections (Revised)

陳立群 realsky at cht.com.tw
Tue May 10 05:39:08 MST 2016 

Chunghwa Telecom Co., Ltd.  votes “Yes” 

 

Sincerely Yours,

 

                    Li-Chun CHEN

                    Senior Engineer

                    CISSP, CISA, CISM, PMP,

                    Information & Communication Security Dept.

                    Data Communication Business Group

                    Chunghwa Telecom Co. Ltd.

                    realsky at cht.com.tw

                    +886-2-2344-4820#4025

 

 

On 05/04/2016 06:59 AM, Peter Bowen wrote:

This ballot opened for voting a few hours ago.  I hope everyone will take the opportunity to submit a vote, regardless of date the IPR agreement was submitted.  Please don’t let that discussion hold up voting.
 
Amazon votes YES.
 

On Apr 26, 2016, at 9:44 AM, Peter Bowen  <mailto:pzb at amzn.com> <pzb at amzn.com> wrote:
 
Thank you to HARICA and Comodo for endorsing.  With that the review period is now open.  If anyone has comments or objections, please reply on list.
 
Thanks,
Peter
 
Ballot 168: Baseline Requirements Corrections (Revised)
 
The following motion has been proposed by Peter Bowen of Amazon and endorsed by Dimitris Zacharopoulos of HARICA and Rich Smith of Comodo:
 
Background:
 
A number of small corrections and clarifications to the Baseline Requirements have been identified.  These are, in general, changes that reflect the existing understanding of the Baseline Requirements by the Forum.  Due to the understanding that these primarily represent existing practice, they are combined for efficiency.
 
-- MOTION BEGINS --
 
Effective the date of passage, the following modifications to the Baseline Requirements are adopted:
 
In Section 1.6.1:
* In the definition of "Applicant Representative", replace "and agrees to the Certificate Terms of Use" with "the Terms of Use" and append "or is the CA" at the end of the definition;
* In the definition of "Country", replace "sovereign nation" with "Sovereign State";
* In the definition of "Terms of Use", append "or is the CA" at the end of the definition;
 
In Section 1.6.3:
* Delete RFC2560;
* Insert "RFC6960, Request for Comments: 6960, X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. Santesson, Myers, Ankney, Malpani, Galperin, Adams, June 2013.";
* Delete X.509v3
* Insert "X.509, Recommendation ITU-T X.509 (10/2012) | ISO/IEC 9594-8:2014 (E), Information technology – Open Systems Interconnection – The Directory: Public-key and attribute certificate frameworks." 
 
Move the content in section 3.3.1 to section 4.2.1 to become the third paragraph in 4.2.1 and leave section 3.3.1 blank.
 
In section 4.9.9, replace all occurrences of "RFC2560" with "RFC6960".
 
In section 5.2.2, insert "CA" immediately before "Private Key".
 
In section 6.1.2, append "without authorization by the Subscriber" to the end of the first sentence.
 
In section 6.1.6, update the last citation to read: "[Source: Sections 5.6.2.3.2 and 5.6.2.3.3, respectively, of NIST SP 56A: Revision 2]"
 
In section 6.2, in the second sentence, insert "CA" immediately before both instances of "Private Key".
 
In section 6.2.5, append "without authorization by the Subordinate CA" to the end of the sentence.
 
 
In sections 7.1.2.1(e) and 7.1.2.2(h) change the organizationName line to read:
 -  organizationName (OID 2.5.4.10): This field MUST be present and the contents MUST contain either the Subject CA’s name or DBA as verified under Section 3.2.2.2. The CA may include information in this field that differs slightly from the verified name, such as common variations or abbreviations, provided that the CA documents the difference and any abbreviations used are locally accepted abbreviations; e.g., if the official record shows “Company Name Incorporated”, the CA MAY use “Company Name Inc.” or “Company Name”.
 
In section 7.1.2.3(d), replace the text with “The cA field MUST NOT be true."
 
Replace "Subordiate" with "Subordinate" in the title of 7.1.6.3.
 
In section 9.6.1 item 6:
* Insert "are the same entity or" immediately prior to "are Affiliated";
* Remove "and accepted".
 
In section 9.6.3, replace "agreement to the Terms of Use agreement." with "acknowledgement of the Terms of Use."
 
In section 9.6.3 item 2, replace "maintain sole control" with "assure control".
 
In the following sections, replace all occurrences of "Subscriber or Terms of Use Agreement" with "Subscriber Agreement or Terms of Use".
* Section 1.6.1, in the definition of "Subscriber"
* Section 4.1.2
* Section 4.9.1.1
* Section 4.9.11
* Section 9.6.1
* Section 9.6.3
 
-- MOTION ENDS --
 
The review period for this ballot shall commence at 1740 UTC on 26 April 2016, and will close at 2200 UTC on 3 May 2016. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 2200 UTC on 10 May 2016. Votes must be cast by posting an on-list reply to this thread.
 
A vote in favor of the motion must indicate a clear 'yes' in the response. A vote against must indicate a clear 'no' in the response. A vote to abstain must indicate a clear 'abstain' in the response. Unclear responses will not be counted. The latest vote received from any representative of a voting member before the close of the voting period will be counted. Voting members are listed here: https://cabforum.org/members/
 
_______________________________________________
Public mailing list
Public at cabforum.org
https://cabforum.org/mailman/listinfo/public

 
_______________________________________________
Public mailing list
Public at cabforum.org
https://cabforum.org/mailman/listinfo/public

 

-- 


Regards 


 


Signer: 

Eddy Nigg, COO/CTO


 

StartCom Ltd. <http://www.startcom.org> 


XMPP: 

startcom at startcom.org


Blog: 

Join the Revolution! <http://blog.startcom.org> 


Twitter: 

Follow Me <http://twitter.com/eddy_nigg> 


 

 



本信件可能包含中華電信股份有限公司機密資訊,非指定之收件者,請勿蒐集、處理或利用本信件內容,並請銷毀此信件. 如為指定收件者,應確實保護郵件中本公司之營業機密及個人資料,不得任意傳佈或揭露,並應自行確認本郵件之附檔與超連結之安全性,以共同善盡資訊安全與個資保護責任. 
Please be advised that this email message (including any attachments) contains confidential information and may be legally privileged. If you are not the intended recipient, please destroy this message and all attachments from your system and do not further collect, process, or use them. Chunghwa Telecom and all its subsidiaries and associated companies shall not be liable for the improper or incomplete transmission of the information contained in this email nor for any delay in its receipt or damage to your system. If you are the intended recipient, please protect the confidential and/or personal information contained in this email with due care. Any unauthorized use, disclosure or distribution of this message in whole or in part is strictly prohibited. Also, please self-inspect attachments and hyperlinks contained in this email to ensure the information security and to protect personal information.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20160510/6b59bd44/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6674 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20160510/6b59bd44/attachment-0001.bin

More information about the Public mailing list