[cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

Ryan Sleevi sleevi at google.com
Mon Apr 17 17:22:06 UTC 2017

On Mon, Apr 17, 2017 at 1:17 PM, Jeremy Rowley via Public <
public at cabforum.org> wrote:

> Why the sigh? I think we should have a bright-line rule about when the
> scope/date should be in the proposed ballot vs. when the scope/date must
> be in
> the document itself.  Otherwise, the objection to including a date in the
> ballot v. BR text seems arbitrary.  If I understand correctly, the accepted
> rule proposed is:
> 1) The only point in time action that matters is certificate issuance;
> 2) If BR change exempts future certificate issuance from a requirement, the
> requirement date must be specified in the BR language; and
> 3) If the BR change only exempts previously issued certificates, no
> exception
> or requirement date should be included in the ballot or BR language.
> A lot of the confusion/conflict originates on a perceived shift in the
> point
> of action. Previously, I've generally thought of the point of action of the
> BRs as the validation of the certificate data. Over the past year, we've
> clearly moved to certificate issuance being the point of action. This
> shift is
> fine, but I think it's worth explicitly stating.

I think you're mostly correct there. The only debate is whether #2 is
universally required.

That is, in the absence of an explicit date, the date is effective
"immediately", where "immediately" is defined as the completion of the
Ballot and the IP review period (meaning there's always at least 30 days of
buffer built-in). It's useful to understand what impact that could have,
and that's generally consistent with the request for a phase in. Is 30 days
phase in not sufficient? Could you explain why, and whether 60 days would
be sufficient (30 days following the adoption of the Ballot)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170417/63d0a230/attachment-0003.html>

More information about the Public mailing list