[cabfpub] [EXTERNAL]Re: Ballot 190 - Recording BR Version Number
Kirk Hall
Kirk.Hall at entrustdatacard.com
Fri Jul 21 08:02:59 MST 2017
Meant for public list -- see my response below.
-----Original Message-----
From: Ryan Sleevi [mailto:sleevi at google.com]
Sent: Thursday, July 20, 2017 6:09 PM
To: Kirk Hall <Kirk.Hall at entrustdatacard.com>
Subject: Re: [EXTERNAL]Re: [cabfpub] Ballot 190 - Recording BR Version Number
Hi Kirk,
Did you mean to omit the list?
On Thu, Jul 20, 2017 at 9:08 PM, Kirk Hall <Kirk.Hall at entrustdatacard.com> wrote:
> The two responses (Gerv's and mine) are not in conflict, and there is no harm in including the extra information in the BRs. I'm a big believer in helping people avoid mistakes when it's easy to do.
>
> -----Original Message-----
> From: Ryan Sleevi [mailto:sleevi at google.com]
> Sent: Thursday, July 20, 2017 6:02 PM
> To: Kirk Hall <Kirk.Hall at entrustdatacard.com>; CA/Browser Forum Public
> Discussion List <public at cabforum.org>
> Cc: Wayne Thayer <wthayer at godaddy.com>
> Subject: [EXTERNAL]Re: [cabfpub] Ballot 190 - Recording BR Version
> Number
>
> Kirk,
>
> Given that the Forum already publishes its Ballots - and keeps track of changes within the documents - and given CAs are already required to annually review their CP/CPS (in addition to following the current published version), do you believe Gerv's response is not a perfectly reasonable and easy to accomplish approach?
>
> It would be useful to understand, given all the existing tools and practices, what's missing.
>
> On Thu, Jul 20, 2017 at 8:19 PM, Kirk Hall via Public <public at cabforum.org> wrote:
>> Wayne, I think your idea has merit in this special situation – and
>> it’s something we can probably accomplish without a ballot.
>>
>>
>>
>> Statute books commonly have notations at the end of each statute
>> showing all the times the statute was amended – often it will show
>> year and public law number (in “reverse” order with the most recent
>> first) so users can go back and find each law that affected a current statute.
>>
>>
>>
>> When we compile the BRs after Ballot 190 passes, we can put the BR
>> version number where each of the 10 methods was LAST amended by the
>> Forum. That way, a CA who looks at the most recent BR compilation
>> will know which methods have been recently amended, and which have
>> not. No one has to use this information, but it would be easy to
>> include in a footnote at the end of BR 3.2.2.4, and update when there is any further change.
>>
>>
>>
>> Ben and I will discuss after Ballot 190 has passed.
>>
>>
>>
>> From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Wayne
>> Thayer via Public
>> Sent: Tuesday, July 18, 2017 6:32 PM
>> To: public at cabforum.org
>> Subject: [EXTERNAL][cabfpub] Ballot 190 - Recording BR Version Number
>>
>>
>>
>> Ballot 190 Includes the following statement in 3.2.2.4:
>>
>>
>>
>> The CA SHALL maintain a record of which domain validation method,
>> including relevant BR version number, they used to validate every domain.
>>
>>
>>
>> While I understand the logic behind this, I’m concerned about the
>> “relevant BR version number”. This could be interpreted in a number of imprecise ways.
>> For instance, does ballot 202 require CAs to update their system to
>> record compliance with changes to the definitions in some of the methods?
>>
>>
>>
>> I suggest that we add version numbers to each of the 10 validation
>> methods listed in the BRs and require CAs to record compliance with a
>> specific version of the validation method for each domain they
>> validate. This allows ballot authors to explicitly increment the
>> version number of a given method when a material change is made, and
>> provides clear guidance to CAs on what version number to record.
>>
>>
>>
>> Thanks,
>>
>>
>>
>> Wayne
>>
>>
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org
>> https://cabforum.org/mailman/listinfo/public
>>
More information about the Public
mailing list