[cabfpub] Voting has started on Ballot 180 - ends January 7

Ryan Sleevi sleevi at google.com
Sat Jan 7 13:00:54 MST 2017


Google votes YES

On Mon, Jan 2, 2017 at 10:28 AM, Kirk Hall via Public <public at cabforum.org>
wrote:

> *The voting period for Ballot 180 has started*, and will continue until *January
> 7, 2017 at 22:00 UTC*.  The ballot is shown below.  Please vote this week
> on this ballot and also on Ballot 181.  Bylaw 2.2(d) says “All voting
> will take place online via the members’ electronic mailing list”, so voting
> should take place on the management list, management at cabforum.org.
>
>
>
>
>
> *Ballot 180 – Readopting the BRs, EVGL, EV Code Signing, and NCSSR
> Guidelines with Amendments *
>
>
>
> The following motion has been proposed by Kirk Hall of Entrust and
> endorsed by Peter Bowen of Amazon and Virginia Fournier of Apple as a Final
> Guideline:
>
>
>
> -- MOTION BEGINS –
>
>
>
> In accordance with the Bylaws and Intellectual Property Rights (IPR)
> Policy of the CA/Browser Forum (the “Forum”), the following Guidelines:
>
>
>
> ·       Baseline Requirements Certificate Policy for the Issuance and
> Management of Publicly-Trusted Certificates (BRs)
>
> ·       Guidelines for the Issuance and Management of Extended Validation
> Certificates (EVGL)
>
> ·       Guidelines for the Issuance and Management of Extended Validation
> Code Signing Certificates, and
>
> ·       Network and Certificate System Security Requirements,
>
>
>
> all as previously approved by all ballots up to and including Ballot 175,
> are hereby readopted by this Ballot, with the following amendments.
>
>
>
> 1.  BR 3.2.2.4 is amended to read in its entirety as follows:
>
>
>
> *3.2.2.4 Validation of Domain Authorization or Control*
>
>
>
> This section defines the permitted processes and procedures for validating
> the Applicant's ownership or control of the domain.
>
>
>
> The CA SHALL confirm that, as of the date the Certificate issues, either
> the CA or a Delegated Third Party has validated each Fully-Qualified Domain
> Name (FQDN) listed in the Certificate by using any method of
> confirmation, provided that the CA maintains documented evidence that the
> method of confirmation establishes that the Applicant is the Domain Name
> Registrant or has control over the Fully Qualified Domain Name (FQDN).
>
>
>
> Completed confirmations of Applicant authority may be valid for the
> issuance of multiple certificates over time. In all cases, the confirmation
> must have been initiated within the time period specified in the relevant
> requirement (such as Section 3.3.1 of this document) prior to certificate
> issuance. For purposes of domain validation, the term Applicant includes
> the Applicant's Parent Company, Subsidiary Company, or Affiliate.
>
>
>
> 2.  EVGL 11.7 is amended to read in its entirety as follows:
>
>
>
> *11.7.1. Verification Requirements*
>
>
>
> (1) For each Fully-Qualified Domain Name listed in a Certificate, other
> than a Domain Name with .onion in the rightmost label of the Domain Name,
> the CA SHALL confirm that, as of the date the Certificate was issued, the
> Applicant (or the Applicant’s Parent Company, Subsidiary Company, or
> Affiliate, collectively referred to as “Applicant” for the purposes of this
> section) either is the Domain Name Registrant or has control over the FQDN
> using a procedure specified in Section 3.2.2.4 of the Baseline
> Requirements. For a Certificate issued to a Domain Name with .onion in the
> right-most label of the Domain Name, the CA SHALL confirm, as of the date
> the Certificate was issued, the Applicant’s control over the .onion Domain
> Name in accordance with Appendix F.
>
>
>
> (2) *Mixed Character Set Domain Names: *EV Certificates MAY include
> Domain Names containing mixed character sets only in compliance with the
> rules set forth by the domain registrar. The CA MUST visually compare any
> Domain Names with mixed character sets with known high risk domains. If a
> similarity is found, then the EV Certificate Request MUST be flagged as
> High Risk. The CA must perform reasonably appropriate additional
> authentication and verification to be certain beyond reasonable doubt that
> the Applicant and the target in question are the same organization.
>
>
>
> The proposer and endorsers of this Ballot may withdraw this Ballot at any
> time prior to completion of the final vote for approval, in which case the
> Ballot will not proceed further.
>
>
>
> *-- MOTION ENDS – *
>
>
>
> The procedure for this Maintenance Guideline ballot is as follows (exact
> start and end times may be adjusted to comply with applicable Bylaws and
> IPR Agreement):
>
>
>
> BALLOT 180
>
> Status: Final Guideline
>
> Start time (22:00 UTC)
>
> End time (22:00 UTC)
>
> Discussion (7 days)
>
> Oct. 25, 2016
>
> Nov. 1, 2016
>
> Review Period (Chair to send Review Notice) (60 days).
>
> If Exclusion Notice(s) filed, PAG to be created and no further action
> until PAG recommendations received.
>
> If no Exclusion Notice(s) filed, proceed to:
>
> Nov. 1, 2016
>
> Dec. 31, 2016
>
> Vote for approval (7 days)
>
> Dec. 31, 2016
>
> Jan. 7, 2017
>
>
>
> Votes must be cast by posting an on-list reply to this thread on the
> Public list.
>
>
>
> A vote in favor of the motion must indicate a clear 'yes' in the response.
> A vote against must indicate a clear 'no' in the response. A vote to
> abstain must indicate a clear 'abstain' in the response. Unclear responses
> will not be counted. The latest vote received from any representative of a
> voting member before the close of the voting period will be counted. Voting
> members are listed here: https://cabforum.org/members/
>
>
>
> In order for the motion to be adopted, two thirds or more of the votes
> cast by members in the CA category and greater than 50% of the votes cast
> by members in the browser category must be in favor.  Quorum is currently
> ten (10) members – at least ten members must participate in the ballot,
> either by voting in favor, voting against, or abstaining.
>
>
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170107/24011de6/attachment-0001.html>


More information about the Public mailing list