[cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

Arno Fiedler arno.fiedler at nimbus-berlin.com
Sat Apr 29 13:03:16 UTC 2017


Ballot 197  D-TRUST votes: "Yes"

Best regards
Arno
On 4/26/2017 8:45 AM, Kirk Hall via Public wrote:
>>
>> *Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)*
>>
>> **
>>
>> Recent Ballot 193 reduced the maximum period for certificates and for 
>> reuse of vetting data for DV and OV certificates from 39 months to 
>> 825 days.  The effective date for reducing the maximum validity 
>> period of certificates was specified as March 1, 2018, but no 
>> effective date was specified for when the reduction of the maximum 
>> period for reuse of vetting data becomes effective.
>>
>> It was the intention of the authors of Ballot 193 that the effective 
>> date for reducing the maximum period for reuse of vetting data under 
>> BR 4.2.1 would also be March 1, 2018.  This ballot is intended to 
>> clarify that intention. The ballot also makes these changes 
>> retroactive to the effective date of Ballot 193 so there is no gap 
>> period.
>>
>> Ballot 193 is in the Review Period (which will end on April 22, 
>> 2017), and has not yet taken effect.  Bylaw 2.3 states that Ballots 
>> should include a “redline or comparison showing the set of changes 
>> from the Final Guideline section(s) intended to become a Final 
>> Maintenance Guideline” and that “[s]uch redline or comparison shall 
>> be made against the Final Guideline section(s) as they exist at the 
>> time a ballot is proposed”.
>>
>> To avoid confusion, this Ballot will show the proposed changes to BR 
>> 4.2.1 will be presented two ways: (1) a comparison of the changes to 
>> BR 4.2.1 as it existed before Ballot 193 (which is as BR 4.2.1 exists 
>> at this time this ballot is proposed), and also (2) a comparison of 
>> the changes to BR 4.2.1 as it will exist after the Review Period for 
>> Ballot 193 is completed (assuming no Exclusion Notices are filed).
>>
>> The following motion has been proposed by Chris Bailey of Entrust 
>> Datacard and endorsed by Ben Wilson of DigiCert, and Wayne Thayer of 
>> GoDaddy to introduce new Final Maintenance Guidelines for the 
>> "Baseline Requirements Certificate Policy for the Issuance and 
>> Management of Publicly-Trusted Certificates" (Baseline Requirements) 
>> and the "Guidelines for the Issuance and Management of Extended 
>> Validation Certificates" (EV Guidelines).
>>
>> -- MOTION BEGINS --
>>
>> *_Ballot Section 1_*
>>
>> *__*
>>
>> BR 4.2.1 is amended to read as follows:
>>
>> /[Ballot amendments shown against BR 4.2.1 _as it currently exists 
>> without the changes adopted in Ballot 193_]/
>>
>> *BR 4.2.1. Performing Identification and Authentication Functions*
>>
>> The certificate request MAY include all factual information about the 
>> Applicant to be included in the Certificate, and such additional 
>> information as is necessary for the CA to obtain from the Applicant 
>> in order to comply with these Requirements and the CA’s Certificate 
>> Policy and/or Certification Practice Statement. In cases where the 
>> certificate request does not contain all the necessary information 
>> about the Applicant, the CA SHALL obtain the remaining information 
>> from the Applicant or, having obtained it from a reliable, 
>> independent, third‐party data source, confirm it with the Applicant. 
>> The CA SHALL establish and follow a documented procedure for 
>> verifying all data requested for inclusion in the Certificate by the 
>> Applicant.
>>
>> Applicant information MUST include, but not be limited to, at least 
>> one Fully‐Qualified Domain Name or IP address to be included in the 
>> Certificate’s SubjectAltName extension.
>>
>> Section 6.3.2 limits the validity period of Subscriber Certificates. 
>> The CA MAY use the documents and data provided in Section 3.2 to 
>> verify certificate information, provided that*_:_* /the CA obtained 
>> the data or document from a source specified under Section 3.2 no 
>> more than thirty//‐//nine (39) months prior to issuing the Certificate./
>>
>> *_(1) Prior to March 1, 2018, the CA obtained the data or document 
>> from a source specified under Section 3.2 no more than 39 months 
>> prior to issuing the Certificate; and_*
>>
>> *_(2) On or after March 1, 2018, the CA obtained the data or document 
>> from a source specified under Section 3.2 no more than 825 days prior 
>> to issuing the Certificate. _*
>>
>> *__*
>>
>> The CA SHALL develop, maintain, and implement documented procedures 
>> that identify and require additional verification activity for High 
>> Risk Certificate Requests prior to the Certificate’s approval, as 
>> reasonably necessary to ensure that such requests are properly 
>> verified under these Requirements.
>>
>> If a Delegated Third Party fulfills any of the CA’s obligations under 
>> this section, the CA SHALL verify that the process used by the 
>> Delegated Third Party to identify and further verify High Risk 
>> Certificate Requests provides at least the same level of assurance as 
>> the CA’s own processes.
>>
>> /[Ballot amendments shown against BR 4.2.1 _as it existed after 
>> Ballot 193 was approved_]/
>>
>> *BR 4.2.1. Performing Identification and Authentication Functions*
>>
>> The certificate request MAY include all factual information about the 
>> Applicant to be included in the Certificate, and such additional 
>> information as is necessary for the CA to obtain from the Applicant 
>> in order to comply with these Requirements and the CA’s Certificate 
>> Policy and/or Certification Practice Statement. In cases where the 
>> certificate request does not contain all the necessary information 
>> about the Applicant, the CA SHALL obtain the remaining information 
>> from the Applicant or, having obtained it from a reliable, 
>> independent, third‐party data source, confirm it with the Applicant. 
>> The CA SHALL establish and follow a documented procedure for 
>> verifying all data requested for inclusion in the Certificate by the 
>> Applicant.
>>
>> Applicant information MUST include, but not be limited to, at least 
>> one Fully‐Qualified Domain Name or IP address to be included in the 
>> Certificate’s SubjectAltName extension.
>>
>> Section 6.3.2 limits the validity period of Subscriber Certificates. 
>> The CA MAY use the documents and data provided in Section 3.2 to 
>> verify certificate information, provided that*_:_* /the CA obtained 
>> the data or document from a source specified under Section 3.2 no 
>> more than 825 days**prior to issuing the Certificate./
>>
>> *_(1) Prior to March 1, 2018, the CA obtained the data or document 
>> from a source specified under Section 3.2 no more than 39 months 
>> prior to issuing the Certificate; and_*
>>
>> *_(2) On or after March 1, 2018, the CA obtained the data or document 
>> from a source specified under Section 3.2 no more than 825 days prior 
>> to issuing the Certificate. _*
>>
>> The CA SHALL develop, maintain, and implement documented procedures 
>> that identify and require additional verification activity for High 
>> Risk Certificate Requests prior to the Certificate’s approval, as 
>> reasonably necessary to ensure that such requests are properly 
>> verified under these Requirements.
>>
>> If a Delegated Third Party fulfills any of the CA’s obligations under 
>> this section, the CA SHALL verify that the process used by the 
>> Delegated Third Party to identify and further verify High Risk 
>> Certificate Requests provides at least the same level of assurance as 
>> the CA’s own processes.
>>
>> *_Ballot Section 2_*
>>
>> The provisions of Ballot Section 1 will be effective retroactive to 
>> the effective date of Ballot 193.
>>
>> *_Ballot Section 3 _*
>>
>> _The vote on Ballot 194 and the Review Period notice issued for 
>> Ballot 194 are hereby declared null and void and of no effect, and 
>> are rescinded_.
>>
>> **
>>
>> *--Motion Ends--*
>>
>> The procedure for approval of this Final Maintenance Guideline ballot 
>> is as follows (exact start and end times may be adjusted to comply 
>> with applicable Bylaws and IPR Agreement):
>>
>> BALLOT 197
>>
>> Status: Final Maintenance Guideline
>>
>> 	
>>
>> Start time (22:00 UTC)
>>
>> 	
>>
>> End time (22:00 UTC)
>>
>> Discussion (7 to 14 days)
>>
>> 	
>>
>> April 19, 2017
>>
>> 	
>>
>> April 26, 2017
>>
>> Vote for approval (7 days)
>>
>> 	
>>
>> April 26, 2017
>>
>> 	
>>
>> May 3, 2017
>>
>> If vote approves ballot: Review Period (Chair to send Review Notice) 
>> (30 days).
>>
>> If Exclusion Notice(s) filed, ballot approval is rescinded and PAG to 
>> be created.
>>
>> If no Exclusion Notices filed, ballot becomes effective at end of 
>> Review Period.
>>
>> 	
>>
>> Upon filing of Review Notice by Chair
>>
>> 	
>>
>> 30 days after filing of Review Notice by Chair
>>
>> From Bylaw 2.3: If the Draft Guideline Ballot is proposing a Final 
>> Maintenance Guideline, such ballot will include a redline or 
>> comparison showing the set of changes from the Final Guideline 
>> section(s) intended to become a Final Maintenance Guideline, and need 
>> not include a copy of the full set of guidelines.  Such redline or 
>> comparison shall be made against the Final Guideline section(s) as 
>> they exist at the time a ballot is proposed, and need not take into 
>> consideration other ballots that may be proposed subsequently, except 
>> as provided in Bylaw Section 2.3(j).
>>
>> Votes must be cast by posting an on-list reply to this thread on the 
>> Public list.  A vote in favor of the motion must indicate a clear 
>> 'yes' in the response. A vote against must indicate a clear 'no' in 
>> the response. A vote to abstain must indicate a clear 'abstain' in 
>> the response. Unclear responses will not be counted. The latest vote 
>> received from any representative of a voting member before the close 
>> of the voting period will be counted. Voting members are listed here: 
>> https://cabforum.org/members/
>>
>> In order for the motion to be adopted, two thirds or more of the 
>> votes cast by members in the CA category and greater than 50% of the 
>> votes cast by members in the browser category must be in favor. 
>> Quorum is shown on CA/Browser Forum wiki.  Under Bylaw 2.2(g), at 
>> least the required quorum number must participate in the ballot for 
>> the ballot to be valid, either by voting in favor, voting against, or 
>> abstaining.
>>
>>
>>
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org
>> https://cabforum.org/mailman/listinfo/public
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-- 
Arno Fiedler
Nimbus Technologieberatung GmbH
Reichensteiner Weg 17
14195 Berlin
Mobil:      0049-(0)172-3053272
Fax:        0049-(0)30-89745-777
E-Mail:     arno.fiedler at nimbus-berlin.com
Web:        www.nimbus-berlin.com
Geschäftsführer:  Arno Fiedler
USt-IdNr. :       DE 203 269 920
D-U-N-S® Nr.      50-730-8117
HandelsregisterNr:HRB 109409 B

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170429/7d30fca8/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: arno_fiedler.vcf
Type: text/x-vcard
Size: 302 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170429/7d30fca8/attachment-0003.vcf>


More information about the Public mailing list