[cabfpub] [EXTERNAL]Re: Voting has started on Ballot 214 - CAA Discovery CNAME Errata
Ryan Sleevi
sleevi at google.com
Thu Sep 28 00:17:00 UTC 2017
On Thu, Sep 28, 2017 at 3:30 AM, Kirk Hall via Public <public at cabforum.org>
wrote:
> Before we assume WebTrust auditors won’t care about this period of BR
> non-compliance by their CA audit subjects, we should check with them.
>
Kirk,
Would the minuted discussions that you participated in be helpful in
highlighting how this perennial topic has been repeatedly addressed? I'm
wondering if, much like your other ballot suggestions, you've simply
forgotten the past discussions. The Scottsdale minutes are particularly
illuminating on this topic, but as you recall from multiple discussions
about the cadence of changes in the BRs versus WebTrust, this topic has
been thoroughly discussed and consistently results in an answer in line
with what Peter provided.
If these discussions are not productive, then perhaps it's more useful to
understand why that is the case, and what might help properly address your
concerns in a way that we can avoid continually having this conversation.
>
>
> Also – it’s a risky strategy to knowingly be in non-compliance with the
> BRs, assuming the auditors won’t catch up with us. I’d prefer to correct
> the BRs now (as of the mandatory CAA date of Sept. 8, 2017) so we are all
> in compliance with how BR 3.2.2.8 should have been amended. This type of
> thing is often done with laws and regulations, which I think is the better
> way to view the BRs (not as isolated and immutable “standards”).
>
I appreciate that you have shared this perspective, many times. I had hoped
through all of the discussion you would have recognized that this
perspective is not only not shared, but in active conflict with the role
and nature of the Forum.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170928/542761ae/attachment-0003.html>
More information about the Public
mailing list