[cabfpub] Ballot 185 - Limiting the Lifetime of Certificates

Scott Rea scott at scottrea.com
Sat Feb 11 18:56:33 UTC 2017 

G'day Gerv,

is it permissible to change the ballot applicability date without
invalidating the ballot? I thought Ryan indicated earlier this week it
was not possible to change anything once the ballot process had started...??

Can someone please clarify?

Regards,
-Scott

On 2/11/2017 9:49 PM, Gervase Markham via Public wrote:
> On 09/02/17 21:08, Ryan Sleevi via Public wrote:
>> Ballot 185 - Limiting the Lifetime of Certificates
>>
>> The following motion has been proposed by Ryan Sleevi of Google, Inc and
>> endorsed by Josh Aas of ISRG and Gervase Markham of Mozilla to introduce
> 
> Having endorsed this, I confess I was thinking more about the maximum
> certificate lifetime (which I do support as a target we need to get to,
> and soon) than about the lead time - which, by the time this ballot
> passes, will be about 2 months and a week. Given the level of ongoing
> engagement with the question, having agreed to endorse I was also a
> little surprised to see us enter the formal discussion period so soon.
> 
> In one sense, the argument that "this is just a change of a number in
> some certificate profiles" is right. In another sense, I accept that it
> does take time to adjust customer expectations, even if the different
> action required by said customer may be a year or more in the future.
> While it might be argued CAs should have asked their customers about the
> potential impact of this change after previous discussions, it's not
> reasonable to suggest that they should have been preparing them for its
> enactment before any ballot was passed.
> 
> There are some ways a lifetime ballot might be constructed to ease this
> difficulty, some of which even keep a May date for this first step, but
> they are not in the realm of the sort of minor adjustment historically
> permitted to ballots during the formal discussion period.
> 
> I therefore request that the applicability date in this ballot be
> changed from 1st May 2017 to, at the earliest, 24th August 2017, 6
> months after the ballot voting end date. 6 months has been floated
> before as a reasonable lead time for high-impact changes, so I hope this
> will remove that point of objection even for those who feel this change
> is high-impact.
> 
> As the voting period begins on Thu/Fri next week, I hope we can apply
> this change soon, and continue from there with a process of thoughtful
> listening and discussion on that basis.
> 
> Gerv
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
> 

-- 
Scott Rea, MSc, CISSP
Ph# (801) 874-4114

More information about the Public mailing list