[cabfpub] Revised Notice of Review Period - Ballot 198 - .Onion Revisions

Ben Wilson ben.wilson at digicert.com
Tue May 16 17:00:30 UTC 2017


Attached is the redlined version of Appendix F of the EV Guidelines
(v.1.6.3) based on the language of the ballot.  There was a discrepancy
between the earlier PDF attachment to the ballot and the text in email that
announced the ballot.  It appears that the PDF was based on an old,
out-of-date version of Appendix F .  

In the attached redlined version I have tried to preserve the intent of
Ballot 198.  I will be posting version 1.6.3 of the EV Guidelines to the
CA/Browser Forum website shortly.  All versions (PDF/Word/redlined/w-o
redlining) will be uploaded to here https://cabforum.org/wiki/EV on the wiki
as well.

Yours truly,

Ben Wilson  


From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Kirk Hall via
Sent: Monday, May 8, 2017 5:18 PM
To: CA/Browser Forum Public Discussion List <public at cabforum.org>
Cc: Kirk Hall <Kirk.Hall at entrustdatacard.com>
Subject: [cabfpub] Revised Notice of Review Period - Ballot 198 - .Onion


Sorry, got end date wrong before.  End date in June 8 at 01:00 UTC.




This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum's
Intellectual Property Rights Policy (v1.2).  This Review Period is for Final
Maintenance Guidelines (30 day Review Period).  A complete draft of the
Draft Guideline that is the subject of this Review Notice is attached.


Date Review Notice Sent:        May 8, 2017


Ballot for Review:                    Ballot 198 - .Onion Revisions


Start of Review Period:           May 9, 2017 at 01:00 UTC


End of Review Period:             June 8, 2017 at 01:00 UTC


Please forward any Exclusion Notice relating to Essential Claims to the
Chair by email to  <mailto:kirk.hall at entrustdatacard.com>
kirk.hall at entrustdatacard.com before the end of the Review Period.  See
current version of CA/Browser Forum Intellectual Property Rights Policy for
details.  (Optional form of Exclusion Notice is attached)

Ballot 198 - .Onion Revisions


Revise Appendix F, Section 1 to read as follows:

Appendix F - Issuance of Certificates for .onion Domain Names

A CA may issue an EV Certificate containing the .onion Domain Name provided
that issuance complies with the requirements set forth in this Appendix:

1.	CAB Forum Tor Service Descriptor Hash extension (

The CAB Forum extension in of the TBSCertificate to convey hashes of keys
related to .onion addresses.  The CA MUST include the Tor Service Descriptor
Hash extension using the following format:

cabf-TorServiceDescriptorHash OBJECT IDENTIFIER ::= { }

TorServiceDescriptorHash:: = SEQUENCE { 

algorithm                        AlgorithmIdentifier

subjectPublicKeyHash   BIT STRING              }

Where the AlgorithmIdentifier is a hashing algorithm (defined in RFC 6234)
performed over the raw Public Key of the .onion service and
SubjectPublicKeyHash is the value of the hash output of the raw Public Key.

--Motion Ends--


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170516/829ea3f0/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: EV V1_6_3-Appendix F.pdf
Type: application/pdf
Size: 102241 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170516/829ea3f0/attachment-0003.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4974 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170516/829ea3f0/attachment-0001.p7s>

More information about the Public mailing list