[cabfpub] Ballot 213 - Revocation Timeline Extension

[Gervase Markham]

On 01/09/17 18:58, Ryan Sleevi wrote:
> It's primarily about ensuring transparency in a way that's consistent -
> and the Forum is relevant because it feeds into our determination about
> ways to clarify text, while also providing a useful reference for
> auditors and CAs regarding root stores' interpretations (and ensuring
> there's no misalignment). I suggested questions@, because it's our only
> list that doesn't require any form of agreement or participation in the
> Forum at large - thus ensuring it's appropriate for all members. 

(This is not the first time we've encountered that issue; do we need a
better-named "notifications at cabforum.org" email list?)

I see what you are trying to do; perhaps it's the phrasing which is
bugging me. Does this wording do the same thing that you are aiming for,
or has it changed the meaning?

"If any interpretation of these Requirements means that a CA believes it
may permit, and does permit, more than seven days to elapse between
receiving a Certificate Problem Report and providing a final
determination, the CA SHALL notify the CA/Browser Forum of their
interpretation by emailing questions at cabforum.org."


But again, while I see what you are trying to do, how to we avoid the
BRs filling up with text like:

A) Do X.
B) If any CA feels these Requirements can be interpreted to mean that
they don't have to do X, they should email questions at cabforum.org.
C) Do Y.
D) If any CA feels these Requirements can be interpreted to mean that
they don't have to do X, they should email questions at cabforum.org.
...

Why is there a unique need in this particular case for notification of
interpretive "creativity"?

Gerv