[cabfpub] Ballot proposal - Update Section 8.4 for CA audit criteria

Mon Apr 16 03:09:55 MST 2018

On 15/4/2018 10:33 μμ, Tim Hollebeek wrote:
>
> I’ll endorse.
>

Thanks Tim and Moudrick. I will submit the ballot with number 232 on 
Monday to officially start the discussion period.

Thanks,
Dimitris.

> *From:*Public [mailto:public-bounces at cabforum.org] *On Behalf Of 
> *Dimitris Zacharopoulos via Public
> *Sent:* Sunday, April 15, 2018 2:19 AM
> *To:* public at cabforum.org
> *Subject:* [cabfpub] Ballot proposal - Update Section 8.4 for CA audit 
> criteria
>
>
> I am looking for two endorsers for the following ballot.
>
> Dimitris.
>
> *Ballot XXX - Update Section 8.4 for CA audit criteria*
>
> The following motion has been proposed by Dimitris Zacharopoulos of 
> HARICA and endorsed by ___ and ___
>
> *Background*:
>
> Section 8.4 of the Baseline Requirements describes the audit criteria 
> for CAs that issue Publicly-Trusted SSL/TLS Certificates. This ballot 
> attempts to achieve two things:
>
>  1. Remove the old ETSI TS documents
>  2. Align the WebTrust
>     <https://clicktime.symantec.com/a/1/-LNek6We930Vd68vfdVuJigg53vekXVCllJyfDkuA5g=?d=vIszBeHpPVlFAX7-F5YlmWCDQRFNY29KroZO7y-g37lmsIOJh3MczDGr3NltsFHSIXp-2UBFvC2LBAns0GRnRMbwWRGMqZpE7v1ZFxZcI0J51Y3sEQVRkDmHml_JK8RookQmyVTMTDOSJMQOQRsyiMW-gIiYDjd6mXZ10RdBgVpVV_3D6GEdG_HX9aXOg-R-JEZ5wY821Xm-0MGiGMW0inVh0Hqqb_FknYU_8yhjLmaEnnHAjEyG3apfMUOJqLBRz9zEg38--EeH8jkBBAdkaETASOeviw26vUFjF7T5Uv9JF7bygxt5Z2hOc2YmviOGbuDk8aeTHdsOJte591N3JeYvSCBiSjT9vdiVigxW8_kJWX1VFJs4-V5aglbmR2cxNl2S7jofUoh2JLVL3qkke03oqkmNThw2S0deVf3Ky2cBVmVfGKI%3D&u=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust>
>     and ETSI requirements
>
> "WebTrust 
> <https://clicktime.symantec.com/a/1/-LNek6We930Vd68vfdVuJigg53vekXVCllJyfDkuA5g=?d=vIszBeHpPVlFAX7-F5YlmWCDQRFNY29KroZO7y-g37lmsIOJh3MczDGr3NltsFHSIXp-2UBFvC2LBAns0GRnRMbwWRGMqZpE7v1ZFxZcI0J51Y3sEQVRkDmHml_JK8RookQmyVTMTDOSJMQOQRsyiMW-gIiYDjd6mXZ10RdBgVpVV_3D6GEdG_HX9aXOg-R-JEZ5wY821Xm-0MGiGMW0inVh0Hqqb_FknYU_8yhjLmaEnnHAjEyG3apfMUOJqLBRz9zEg38--EeH8jkBBAdkaETASOeviw26vUFjF7T5Uv9JF7bygxt5Z2hOc2YmviOGbuDk8aeTHdsOJte591N3JeYvSCBiSjT9vdiVigxW8_kJWX1VFJs4-V5aglbmR2cxNl2S7jofUoh2JLVL3qkke03oqkmNThw2S0deVf3Ky2cBVmVfGKI%3D&u=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust> 
> for Certification Authorities" is equivalent to "ETSI EN 319 401" and 
> "WebTrust 
> <https://clicktime.symantec.com/a/1/-LNek6We930Vd68vfdVuJigg53vekXVCllJyfDkuA5g=?d=vIszBeHpPVlFAX7-F5YlmWCDQRFNY29KroZO7y-g37lmsIOJh3MczDGr3NltsFHSIXp-2UBFvC2LBAns0GRnRMbwWRGMqZpE7v1ZFxZcI0J51Y3sEQVRkDmHml_JK8RookQmyVTMTDOSJMQOQRsyiMW-gIiYDjd6mXZ10RdBgVpVV_3D6GEdG_HX9aXOg-R-JEZ5wY821Xm-0MGiGMW0inVh0Hqqb_FknYU_8yhjLmaEnnHAjEyG3apfMUOJqLBRz9zEg38--EeH8jkBBAdkaETASOeviw26vUFjF7T5Uv9JF7bygxt5Z2hOc2YmviOGbuDk8aeTHdsOJte591N3JeYvSCBiSjT9vdiVigxW8_kJWX1VFJs4-V5aglbmR2cxNl2S7jofUoh2JLVL3qkke03oqkmNThw2S0deVf3Ky2cBVmVfGKI%3D&u=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust> 
> Principles and Criteria for Certification Authorities – SSL Baseline 
> with Network Security" is the equivalent of "ETSI EN 319 411-1".
>
> *-- MOTION BEGINS --*
>
> Replace the first two numbered items in section 8.4 of the Baseline 
> Requirements from:
>
>  1. WebTrust
>     <https://clicktime.symantec.com/a/1/-LNek6We930Vd68vfdVuJigg53vekXVCllJyfDkuA5g=?d=vIszBeHpPVlFAX7-F5YlmWCDQRFNY29KroZO7y-g37lmsIOJh3MczDGr3NltsFHSIXp-2UBFvC2LBAns0GRnRMbwWRGMqZpE7v1ZFxZcI0J51Y3sEQVRkDmHml_JK8RookQmyVTMTDOSJMQOQRsyiMW-gIiYDjd6mXZ10RdBgVpVV_3D6GEdG_HX9aXOg-R-JEZ5wY821Xm-0MGiGMW0inVh0Hqqb_FknYU_8yhjLmaEnnHAjEyG3apfMUOJqLBRz9zEg38--EeH8jkBBAdkaETASOeviw26vUFjF7T5Uv9JF7bygxt5Z2hOc2YmviOGbuDk8aeTHdsOJte591N3JeYvSCBiSjT9vdiVigxW8_kJWX1VFJs4-V5aglbmR2cxNl2S7jofUoh2JLVL3qkke03oqkmNThw2S0deVf3Ky2cBVmVfGKI%3D&u=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust>
>     for Certification Authorities v2.0;
>  2. A national scheme that audits conformance to ETSI TS 102 042 /
>     ETSI EN 319 411-1; or
>
> to:
>
>  1. WebTrust
>     <https://clicktime.symantec.com/a/1/-LNek6We930Vd68vfdVuJigg53vekXVCllJyfDkuA5g=?d=vIszBeHpPVlFAX7-F5YlmWCDQRFNY29KroZO7y-g37lmsIOJh3MczDGr3NltsFHSIXp-2UBFvC2LBAns0GRnRMbwWRGMqZpE7v1ZFxZcI0J51Y3sEQVRkDmHml_JK8RookQmyVTMTDOSJMQOQRsyiMW-gIiYDjd6mXZ10RdBgVpVV_3D6GEdG_HX9aXOg-R-JEZ5wY821Xm-0MGiGMW0inVh0Hqqb_FknYU_8yhjLmaEnnHAjEyG3apfMUOJqLBRz9zEg38--EeH8jkBBAdkaETASOeviw26vUFjF7T5Uv9JF7bygxt5Z2hOc2YmviOGbuDk8aeTHdsOJte591N3JeYvSCBiSjT9vdiVigxW8_kJWX1VFJs4-V5aglbmR2cxNl2S7jofUoh2JLVL3qkke03oqkmNThw2S0deVf3Ky2cBVmVfGKI%3D&u=https%3A%2F%2Fwww.cabforum.org%2Fwiki%2FWebTrust>
>     Principles and Criteria for Certification Authorities – SSL
>     Baseline with Network Security;
>  2. A national scheme that audits conformance to ETSI EN 319 411-1; or
>
> *-- MOTION ENDS --*
>
> The procedure for this ballot is as follows (exact start and end times 
> may be adjusted to comply with applicable Bylaws and IPR Agreement):
>
> BALLOT XXX Status: Update BR Section 8.4 for CA audit criteria
>
> 	
>
> Start time (22:00 UTC)
>
> 	
>
> End time (22:00 UTC)
>
> Discussion (7+ days)
>
> 	
>
> TBD (hopefully 23 April 2018)
>
> 	
>
> TBD
>
> Vote for approval (7 days)
>
> 	
>
> TBD
>
> 	
>
> TBD according to voting start time
>
> If vote approves ballot: Review Period (Chair to send Review Notice) 
> (30 days)
> If Exclusion Notice(s) filed, ballot approval is rescinded and PAG to 
> be created.
> If no Exclusion Notices filed, ballot becomes effective at end of 
> Review Period.
> Votes must be cast by posting an on-list reply to this thread on the 
> Public Mail List.
>
> 	
>
> Upon filing of Review Notice by Chair
>
> 	
>
> 30 days after filing of Review Notice by Chair
>
> From the Bylaws section 2.4(a): "If the Draft Guideline Ballot is 
> proposing a Final Maintenance Guideline, such ballot will include a 
> redline or comparison showing the set of changes from the Final 
> Guideline section(s) intended to become a Final Maintenance Guideline, 
> and need not include a copy of the full set of guidelines. Such 
> redline or comparison shall be made against the Final Guideline 
> section(s) as they exist at the time a ballot is proposed, and need 
> not take into consideration other ballots that may be proposed 
> subsequently, except as provided in Section 2.4(j) below".
>
> Votes must be cast by posting an on-list reply to this thread on the 
> Public list. A vote in favor of the motion must indicate a clear 'yes' 
> in the response. A vote against must indicate a clear 'no' in the 
> response. A vote to abstain must indicate a clear 'abstain' in the 
> response. Unclear responses will not be counted. The latest vote 
> received from any representative of a voting member before the close 
> of the voting period will be counted. Voting members are listed here: 
> https://cabforum.org/members/ 
> <https://clicktime.symantec.com/a/1/5LbPFFbWqIbCa126pV-YOFw16zyp81X22ss8nMAxV5k=?d=vIszBeHpPVlFAX7-F5YlmWCDQRFNY29KroZO7y-g37lmsIOJh3MczDGr3NltsFHSIXp-2UBFvC2LBAns0GRnRMbwWRGMqZpE7v1ZFxZcI0J51Y3sEQVRkDmHml_JK8RookQmyVTMTDOSJMQOQRsyiMW-gIiYDjd6mXZ10RdBgVpVV_3D6GEdG_HX9aXOg-R-JEZ5wY821Xm-0MGiGMW0inVh0Hqqb_FknYU_8yhjLmaEnnHAjEyG3apfMUOJqLBRz9zEg38--EeH8jkBBAdkaETASOeviw26vUFjF7T5Uv9JF7bygxt5Z2hOc2YmviOGbuDk8aeTHdsOJte591N3JeYvSCBiSjT9vdiVigxW8_kJWX1VFJs4-V5aglbmR2cxNl2S7jofUoh2JLVL3qkke03oqkmNThw2S0deVf3Ky2cBVmVfGKI%3D&u=https%3A%2F%2Fcabforum.org%2Fmembers%2F> 
>
>
> In order for the motion to be adopted, two thirds or more of the votes 
> cast by members in the CA category and greater than 50% of the votes 
> cast by members in the browser category must be in favor. Quorum is 
> shown on CA/Browser Forum wiki. Under the Bylaws section 2.3(g), at 
> least the required quorum number must participate in the ballot for 
> the ballot to be valid, either by voting in favor, voting against, or 
> abstaining.
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20180416/eb7505db/attachment-0001.html>