[cabfpub] Voting has started on Ballot 180 - ends January 7

Robin Alden robin at comodo.com
Fri Jan 6 03:56:58 MST 2017


Comodo votes 'yes'.

 

Regards
Robin Alden
Comodo

 

From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Kirk Hall via
Public
Sent: 02 January 2017 18:28
To: CA/Browser Forum Public Discussion List <public at cabforum.org>
Cc: Kirk Hall <Kirk.Hall at entrustdatacard.com>
Subject: [cabfpub] Voting has started on Ballot 180 - ends January 7

 

The voting period for Ballot 180 has started, and will continue until
January 7, 2017 at 22:00 UTC.  The ballot is shown below.  Please vote this
week on this ballot and also on Ballot 181.  Bylaw 2.2(d) says "All voting
will take place online via the members' electronic mailing list", so voting
should take place on the management list, management at cabforum.org
<mailto:management at cabforum.org> .   

 

 

Ballot 180 - Readopting the BRs, EVGL, EV Code Signing, and NCSSR Guidelines
with Amendments 

 

The following motion has been proposed by Kirk Hall of Entrust and endorsed
by Peter Bowen of Amazon and Virginia Fournier of Apple as a Final
Guideline:

 

-- MOTION BEGINS -

 

In accordance with the Bylaws and Intellectual Property Rights (IPR) Policy
of the CA/Browser Forum (the "Forum"), the following Guidelines:

 

*	Baseline Requirements Certificate Policy for the Issuance and
Management of Publicly-Trusted Certificates (BRs)
*	Guidelines for the Issuance and Management of Extended Validation
Certificates (EVGL)
*	Guidelines for the Issuance and Management of Extended Validation
Code Signing Certificates, and 
*	Network and Certificate System Security Requirements,

 

all as previously approved by all ballots up to and including Ballot 175,
are hereby readopted by this Ballot, with the following amendments.

 

1.  BR 3.2.2.4 is amended to read in its entirety as follows:

 

3.2.2.4 Validation of Domain Authorization or Control

 

This section defines the permitted processes and procedures for validating
the Applicant's ownership or control of the domain.

 

The CA SHALL confirm that, as of the date the Certificate issues, either the
CA or a Delegated Third Party has validated each Fully-Qualified Domain Name
(FQDN) listed in the Certificate by using any method of confirmation,
provided that the CA maintains documented evidence that the method of
confirmation establishes that the Applicant is the Domain Name Registrant or
has control over the Fully Qualified Domain Name (FQDN).

 

Completed confirmations of Applicant authority may be valid for the issuance
of multiple certificates over time. In all cases, the confirmation must have
been initiated within the time period specified in the relevant requirement
(such as Section 3.3.1 of this document) prior to certificate issuance. For
purposes of domain validation, the term Applicant includes the Applicant's
Parent Company, Subsidiary Company, or Affiliate.

 

2.  EVGL 11.7 is amended to read in its entirety as follows:

 

11.7.1. Verification Requirements

 

(1) For each Fully-Qualified Domain Name listed in a Certificate, other than
a Domain Name with .onion in the rightmost label of the Domain Name, the CA
SHALL confirm that, as of the date the Certificate was issued, the Applicant
(or the Applicant's Parent Company, Subsidiary Company, or Affiliate,
collectively referred to as "Applicant" for the purposes of this section)
either is the Domain Name Registrant or has control over the FQDN using a
procedure specified in Section 3.2.2.4 of the Baseline Requirements. For a
Certificate issued to a Domain Name with .onion in the right-most label of
the Domain Name, the CA SHALL confirm, as of the date the Certificate was
issued, the Applicant's control over the .onion Domain Name in accordance
with Appendix F.

 

(2) Mixed Character Set Domain Names: EV Certificates MAY include Domain
Names containing mixed character sets only in compliance with the rules set
forth by the domain registrar. The CA MUST visually compare any Domain Names
with mixed character sets with known high risk domains. If a similarity is
found, then the EV Certificate Request MUST be flagged as High Risk. The CA
must perform reasonably appropriate additional authentication and
verification to be certain beyond reasonable doubt that the Applicant and
the target in question are the same organization.

 

The proposer and endorsers of this Ballot may withdraw this Ballot at any
time prior to completion of the final vote for approval, in which case the
Ballot will not proceed further.

 

-- MOTION ENDS - 

 

The procedure for this Maintenance Guideline ballot is as follows (exact
start and end times may be adjusted to comply with applicable Bylaws and IPR
Agreement):

 


BALLOT 180

Status: Final Guideline

Start time (22:00 UTC)

End time (22:00 UTC)


Discussion (7 days)

Oct. 25, 2016

Nov. 1, 2016


Review Period (Chair to send Review Notice) (60 days).  

If Exclusion Notice(s) filed, PAG to be created and no further action until
PAG recommendations received.

If no Exclusion Notice(s) filed, proceed to:

Nov. 1, 2016

Dec. 31, 2016


Vote for approval (7 days)

Dec. 31, 2016

Jan. 7, 2017

 

Votes must be cast by posting an on-list reply to this thread on the Public
list. 

 

A vote in favor of the motion must indicate a clear 'yes' in the response. A
vote against must indicate a clear 'no' in the response. A vote to abstain
must indicate a clear 'abstain' in the response. Unclear responses will not
be counted. The latest vote received from any representative of a voting
member before the close of the voting period will be counted. Voting members
are listed here:  <https://cabforum.org/members/>
https://cabforum.org/members/ 

 

In order for the motion to be adopted, two thirds or more of the votes cast
by members in the CA category and greater than 50% of the votes cast by
members in the browser category must be in favor.  Quorum is currently ten
(10) members - at least ten members must participate in the ballot, either
by voting in favor, voting against, or abstaining.

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170106/a51b0437/attachment-0001.html>


More information about the Public mailing list