[cabfpub] [Corrected] Voting has started on Ballot 180 - ends January 7

Sat Jan 7 00:26:50 UTC 2017

SSC votes: "Yes".

Thanks,
M.D.

On 1/2/2017 8:29 PM, Kirk Hall via Public wrote:
>
> _The voting period for Ballot 180 has started_, and will continue 
> until *_January 7, 2017 at 22:00 UTC_*. The ballot is shown below. 
> _Voting will occur on the Public list_.
>
> *Ballot 180 – Readopting the BRs, EVGL, EV Code Signing, and NCSSR 
> Guidelines with Amendments *
>
> *//*
>
> The following motion has been proposed by Kirk Hall of Entrust and 
> endorsed by Peter Bowen of Amazon and Virginia Fournier of Apple as a 
> Final Guideline:
>
> -- MOTION BEGINS –
>
> In accordance with the Bylaws and Intellectual Property Rights (IPR) 
> Policy of the CA/Browser Forum (the “Forum”), the following Guidelines:
>
> ·Baseline Requirements Certificate Policy for the Issuance and 
> Management of Publicly-Trusted Certificates (BRs)
>
> ·Guidelines for the Issuance and Management of Extended Validation 
> Certificates (EVGL)
>
> ·Guidelines for the Issuance and Management of Extended Validation 
> Code Signing Certificates, and
>
> ·Network and Certificate System Security Requirements,
>
> all as previously approved by all ballots up to and including Ballot 
> 175, are hereby readopted by this Ballot, with the following amendments.
>
> 1.  BR 3.2.2.4 is amended to read in its entirety as follows:
>
> *3.2.2.4 Validation of Domain Authorization or Control*
>
> This section defines the permitted processes and procedures for 
> validating the Applicant's ownership or control of the domain.
>
> The CA SHALL confirm that, as of the date the Certificate issues, 
> either the CA or a Delegated Third Party has validated each 
> Fully-Qualified Domain Name (FQDN) listed in the Certificate by using 
> any method of confirmation, provided that the CA maintains documented 
> evidence that the method of confirmation establishes that the 
> Applicant is the Domain Name Registrant or has control over the Fully 
> Qualified Domain Name (FQDN).
>
> Completed confirmations of Applicant authority may be valid for the 
> issuance of multiple certificates over time. In all cases, the 
> confirmation must have been initiated within the time period specified 
> in the relevant requirement (such as Section 3.3.1 of this document) 
> prior to certificate issuance. For purposes of domain validation, the 
> term Applicant includes the Applicant's Parent Company, Subsidiary 
> Company, or Affiliate.
>
> 2.  EVGL 11.7 is amended to read in its entirety as follows:
>
> *11.7.1. Verification Requirements*
>
> **
>
> (1) For each Fully-Qualified Domain Name listed in a Certificate, 
> other than a Domain Name with .onion in the rightmost label of the 
> Domain Name, the CA SHALL confirm that, as of the date the Certificate 
> was issued, the Applicant (or the Applicant’s Parent Company, 
> Subsidiary Company, or Affiliate, collectively referred to as 
> “Applicant” for the purposes of this section) either is the Domain 
> Name Registrant or has control over the FQDN using a procedure 
> specified in Section 3.2.2.4 of the Baseline Requirements. For a 
> Certificate issued to a Domain Name with .onion in the right-most 
> label of the Domain Name, the CA SHALL confirm, as of the date the 
> Certificate was issued, the Applicant’s control over the .onion Domain 
> Name in accordance with Appendix F.
>
> (2) *Mixed Character Set Domain Names: *EV Certificates MAY include 
> Domain Names containing mixed character sets only in compliance with 
> the rules set forth by the domain registrar. The CA MUST visually 
> compare any Domain Names with mixed character sets with known high 
> risk domains. If a similarity is found, then the EV Certificate 
> Request MUST be flagged as High Risk. The CA must perform reasonably 
> appropriate additional authentication and verification to be certain 
> beyond reasonable doubt that the Applicant and the target in question 
> are the same organization.
>
> The proposer and endorsers of this Ballot may withdraw this Ballot at 
> any time prior to completion of the final vote for approval, in which 
> case the Ballot will not proceed further.
>
> *-- MOTION ENDS – *
>
> The procedure for this Maintenance Guideline ballot is as follows 
> (exact start and end times may be adjusted to comply with applicable 
> Bylaws and IPR Agreement):
>
> BALLOT 180
>
> Status: Final Guideline
>
> 	
>
> Start time (22:00 UTC)
>
> 	
>
> End time (22:00 UTC)
>
> Discussion (7 days)
>
> 	
>
> Oct. 25, 2016
>
> 	
>
> Nov. 1, 2016
>
> Review Period (Chair to send Review Notice) (60 days).
>
> If Exclusion Notice(s) filed, PAG to be created and no further action 
> until PAG recommendations received.
>
> If no Exclusion Notice(s) filed, proceed to:
>
> 	
>
> Nov. 1, 2016
>
> 	
>
> Dec. 31, 2016
>
> Vote for approval (7 days)
>
> 	
>
> Dec. 31, 2016
>
> 	
>
> Jan. 7, 2017
>
> Votes must be cast by posting an on-list reply to this thread on the 
> Public list.
>
> A vote in favor of the motion must indicate a clear 'yes' in the 
> response. A vote against must indicate a clear 'no' in the response. A 
> vote to abstain must indicate a clear 'abstain' in the response. 
> Unclear responses will not be counted. The latest vote received from 
> any representative of a voting member before the close of the voting 
> period will be counted. Voting members are listed here: 
> https://cabforum.org/members/
>
> In order for the motion to be adopted, two thirds or more of the votes 
> cast by members in the CA category and greater than 50% of the votes 
> cast by members in the browser category must be in favor. Quorum is 
> currently ten (10) members – at least ten members must participate in 
> the ballot, either by voting in favor, voting against, or abstaining.
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170107/a0e9baff/attachment-0003.html>