[cabfpub] Ballot 217: Sunset RFC 2527

Enric Castillo enric.castillo at anf.es
Wed Dec 20 22:29:46 UTC 2017


ANF Autoridad de Certificación votes yes.


El 07/12/2017 a las 11:52, Ryan Sleevi via Public escribió:
> *Ballot 217: Sunset RFC 2527*
>
> Purpose of Ballot: The Baseline Requirements and Extended Validation 
> Guidelines require that CA's disclosures of the Certificate Policy 
> and/or Certification Practice Statements include all of the material 
> required by either RFC 2527 or RFC 3647 and structured in accordance 
> with RFC 2527 or RFC 3647.
>
> RFC 2527 is an obsolete RFC, published in 1999, and replaced by RFC 
> 3647 in 2003. This sunsets the use of RFC 2527, ensuring that CAs' 
> disclosures will follow a consistent pattern across the industry, 
> facilitating easier review by Subscribers, Browsers, and the broader 
> community. Based upon Member feedback, 6 months is provided for CAs to 
> review and update their CP/CPS documents.
>
> This motion aligns the language to be consistent between the BRs and 
> the EVGs. For the benefit of minimal changes, this aligns the existing 
> language through duplication, rather than attempting to incorporate 
> the BRs by reference.
>
> The following motion has been proposed by Ryan Sleevi of Google and 
> endorsed by Tim Hollebeek of DigiCert and Dimitris Zacharopoulos of 
> HARICA.
>
> *-- MOTION BEGINS --*
>
> This ballot modifies the "Baseline Requirements for the Issuance and 
> Management of Publicly-Trusted Certificates" as follows, based upon 
> Version 1.5.1:
>
> In Section 2.2, replace the text:
> "The CA SHALL publicly disclose its Certificate Policy and/or 
> Certification Practice Statement through an appropriate and readily 
> accessible online means that is available on a 24x7 basis. The CA 
> SHALL publicly disclose its CA business practices to the extent 
> required by the CA's selected audit scheme (see Section 8.1). The 
> disclosures MUST include all the material required by RFC 2527 or RFC 
> 3647, and MUST be structured in accordance with either RFC 2527 or RFC 
> 3647. "
>
> with the following:
> "The CA SHALL publicly disclose its Certificate Policy and/or 
> Certification Practice Statement through an appropriate and readily 
> accessible online means that is available on a 24x7 basis. The CA 
> SHALL publicly disclose its CA business practices to the extent 
> required by the CA's selected audit scheme (see Section 8.1).
>
> Effective as of 31 May 2018, the Certificate Policy and/or 
> Certification Practice Statement MUST be structured in accordance with 
> RFC 3647. Prior to 31 May 2018, the Certificate Policy and/or 
> Certification Practice Statement MUST be structured in accordance with 
> either RFC 2527 or RFC 3647. The Certificate Policy and/or 
> Certification Practice Statement MUST include all material required by 
> RFC 3647 or, if structured as such, RFC 2527."
>
>
>
> This ballot modifies the "Guidelines for the Issuance and Management 
> of Extended Validation Certificates" as follows, based on Version 1.6.6:
>
> In Section 8.2.2, replace the text:
> "Each CA MUST publicly disclose their EV Policies through an 
> appropriate and readily accessible online means that is available on a 
> 24x7 basis.  The CA is also REQUIRED to publicly disclose its CA 
> business practices as required by WebTrust for CAs and ETSI TS 102 042 
> and ETSI EN 319 411-1. The disclosures MUST be structured in 
> accordance with either RFC 2527 or RFC 3647."
>
> With the following:
> "Each CA MUST publicly disclose its Certificate Policy and/or 
> Certification Practice Statement through an appropriate and readily 
> accessible online means that is available on a 24x7 basis. The CA 
> SHALL publicly disclose its CA business practices to the extent 
> required by the CA's selected audit scheme (see Section 17.1).
>
> Effective as of 31 May 2018, the CA's Certificate Policy and/or 
> Certification Practice Statement MUST be structured in accordance with 
> RFC 3647. Prior to 31 May 2018, the CA's Certificate Policy and/or 
> Certification Practice Statement MUST be structured in accordance with 
> either RFC 2527 or RFC 3647. The Certificate Policy and/or 
> Certification Practice Statement MUST include all material required by 
> RFC 3647 or, if structured as such, RFC 2527."
>
> *-- MOTION ENDS --*
>
> The procedure for approval of this ballot is as follows:
>
> Discussion (7 to 14 days)
> Start Time: 2017-12-07 22:00:00 UTC
> End Time: 2017-12-14 22:00:00 UTC
>
> Vote for approval (7 days)
> Start Time: 2017-12-14 22:00:00 UTC
> End Time: 2017-12-21 22:00:00 UTC
>
> Votes must be cast by posting an on-list reply to this thread on the 
> Public list. A vote in favor of the motion must indicate a clear 'yes' 
> in the response. A vote against must indicate a clear 'no' in the 
> response. A vote to abstain must indicate a clear 'abstain' in the 
> response. Unclear responses will not be counted. The latest vote 
> received from any representative of a voting member before the close 
> of the voting period will be counted. Voting members are listed here: 
> https://cabforum.org/members/
>
> In order for the motion to be adopted, two thirds or more of the votes 
> cast by members in the CA category and greater than 50% of the votes 
> cast by members in the browser category must be in favor. Quorum is 
> shown on CA/Browser Forum wiki. Under Bylaw 2.2(g), at least the 
> required quorum number must participate in the ballot for the ballot 
> to be valid, either by voting in favor, voting against, or abstaining.
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-- 
ANF AC - Autoridad de certificación 	*Enric Castillo *
/Gerente Región LATAM /
ANF Autoridad de Certificación
[Teléfono] +34 626818285 /(Celular)/
[Dirección] Gran Vía de Les Corts Catalanes 996, Barcelona
[Teléfono] +593 0 996483798 /(Celular)/
[Teléfono] +593 2 2550002
[Dirección] Av. 12 de Octubre N24-562 y Luis Cordero, Edif. World Trade 
Center, Torre A, Piso 11, Ofi. 1102, Quito
[Dirección de Skype] castillo.enric
[Dirección de correo electrónico] enric.castillo at anf.es
[Dirección Web] www.anf.es

	

*AVISO*
Este mensaje se dirige exclusivamente a su destinatario y puede contener 
información privilegiada o confidencial y/o datos de carácter personal, 
cuya difusión está regulada por la Ley Orgánica de Protección de Datos y 
la Ley de Servicios de la Sociedad de la Información. Si usted no es el 
destinatario indicado (o el responsable de la entrega al mismo), no debe 
copiar o entregar este mensaje a terceros bajo ningún concepto. Si ha 
recibido este mensaje por error o lo ha conseguido por otros medios, le 
rogamos que nos lo comunique inmediatamente por esta misma vía y proceda 
a su eliminación irreversible. Las opiniones, conclusiones y demás 
informaciones incluidas en este mensaje que no estén relacionadas con 
asuntos profesionales de ANF Autoridad de Certificación no están 
respaldadas por la empresa.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bhjeohijpnafbeki.png
Type: image/png
Size: 4746 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0021.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gbemgnjfgmheinhc.png
Type: image/png
Size: 3311 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0022.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kcikinldoadankfl.png
Type: image/png
Size: 1822 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0023.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fpfagnmkhdmokaho.png
Type: image/png
Size: 3873 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0024.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nfanipcambjnoddn.png
Type: image/png
Size: 3246 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0025.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ajmanopcklcodlmi.png
Type: image/png
Size: 3712 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0026.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: acnhpmkdeklliipp.png
Type: image/png
Size: 21794 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0027.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3568 bytes
Desc: Firma criptogr��fica S/MIME
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171220/5b115b4f/attachment-0003.p7s>


More information about the Public mailing list