[cabfpub] Ballot 190

Jeremy Rowley jeremy.rowley at digicert.com
Thu Apr 27 20:00:45 UTC 2017


Ben let me know that there were questions about Ballot 190. The ballot was
withdrawn and hasn't gone to vote yet because of Section 2:

 

"This provisions of Ballot Section 1 will apply only to the validation of
domain names occurring after this Ballot 190's effective date.  Validation
of domain names that occurs before this Ballot's effective date and the
resulting validation data may continue to be used for the periods specified
in BR 4.2.1 and EVGL 11.14.3 so long as the validations were conducted in
compliance with the BR Section 3.2.2.4 validation methods in effect at the
time of each validation."

 

I couldn't tell if the objection to this section was the section not being
part of the Baseline Requirements or a general concern that CAs may have
issued certificates using the "any other method" that will remain valid for
potentially four years (for a re-issue that relies on a previous
validation). 

 


Assuming the first issue is the primary concern, the following language was
proposed in the validation working group for inclusion in the BRs:

"Note: The changes to BR 3.2.2.4.1 through 3.2.2.4.10 will apply only to the
validation of domain names occurring on or after [insert Ballot 190's
effective date if it passes and completes its Review Period].  Validation of
domain names that occurs before [insert Ballot 190's effective date if it
passes and completes its Review Period] and the resulting validation data
may continue to be used for the periods specified in BR 4.2.1 and EVGL
11.14.3 so long as the validations were conducted in compliance with the BR
Section 3.2.2.4 validation methods in effect at the time of each
validation."

 

Rather than go through multiple iterations and have this ballot potentially
fail, can we do a quick straw poll? 

 

1.	Does the proposed language resolve the previous concern with Ballot
190?
2.	If not, should section 2 be dropped entirely. 
3.	If section 2 remains, would you vote against the ballot?
4.	If section 2 was dropped, would you vote for the ballot? 
5.	Is there other language you'd prefer to see included instead? 

 

Jeremy

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170427/333d5108/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4964 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170427/333d5108/attachment.p7s>


More information about the Public mailing list