[cabfpub] Ballot 189 - Amend Section 6.1.7 of Baseline Requirements

Dimitris Zacharopoulos jimmy at it.auth.gr
Thu Mar 30 21:53:22 UTC 2017



On 31/3/2017 12:21 πμ, Ryan Sleevi wrote:
>
>
> On Thu, Mar 30, 2017 at 4:10 PM, Dimitris Zacharopoulos 
> <jimmy at it.auth.gr <mailto:jimmy at it.auth.gr>> wrote:
>
>     The reason for this language was to have a clear scope on which
>     Root CA Certificates are affected by this rule.
>
>
> Isn't this already materially addressed by the scope of the Baseline 
> Requirements?
>
>     Anyone who might object to this change?
>
>
> I'm still not sure I fully understand the proposal for the change and 
> what it is attempting to accomplish, given the above general scope of 
> the Baseline Requirements, and Root Programs expectations regarding 
> id-kp-emailProtection or id-kp-codeSigning (namely, they don't require 
> "WebTrust for CAs - SSL Baseline with Network Security" audits)

You are probably right, it has been discussed several times in the past. 
I had the impression that the new ETSI EN 319 411-1 have direct 
references to the BRs even for non-SSL cases (I will need to double 
check on that). So, this means that nobody will probably object to the 
proposed change.

If Digicert or Entrust who endorsed this ballot, have an objection about 
this change, please let me know otherwise I will circulate this 
correction before the voting period begins.


Thanks,
Dimitris.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170331/38099216/attachment-0003.html>


More information about the Public mailing list