[cabfpub] Ballot 223 - Update BR Section 8.4 for CA audit criteria

Dimitris Zacharopoulos jimmy at it.auth.gr
Fri Apr 27 07:16:10 MST 2018 


On 27/4/2018 5:08 μμ, Arno Fiedler via Public wrote:
> Hello Dimitris,
> please change the proposed text
> --------------------------------------
> "ETSI EN 319 401 v2.1.1 or newer" AND "ETSI EN 319 411-1 v1.1.1
> ---------------------------------------
> to
> ------------------------------------
> "ETSI EN 319 411-1 v1.1.1 or later, or ETSI EN 319 411-2 v.2.1.1 or 
> later."
> ------------------------------------------
> EN 319 401 "General Policy Requirements for Trust Service Providers" 
> covers the basic (eIDAS-) Requirements
>
> I still propose a longer discussing phase >21 days.
> Best regards
> Arno/
>
>
> /

Your proposed change is not correct. There were previous discussions in 
the Forum which resulted that the 411-2 is not applicable to the CA/B 
Forum baseline requirements.

I thought the "background" information of the ballot would explain the 
goal of aligning between WebTrust and ETSI which is precisely why we 
added the 401 to align with "WebTrust for CAs" and the 411-1 to align 
with the "WebTrust for CAs SSL Baseline with Network Security".

Happy to extend the discussion phase if anyone brings any substantial 
objections or concerns with the current proposal.


Best regards,
Dimitris.

> //
>
>
> Am 27.04.2018 um 13:58 schrieb Dimitris Zacharopoulos via Public:
>> On 27/4/2018 2:21 μμ, Arno Fiedler via Public wrote:
>>>
>>> Hello Dimitris,
>>>
>>> so starting at Mai 1th is fine, if we get 21 days for discussion.
>>>
>>> Best regards
>>>
>>> arno
>>>
>>
>> Hi Arno,
>>
>> The discussion has already begun on April 23rd. As already discussed, 
>> if no new information is presented, the final ballot (with no 
>> changes) will be sent, probably on April 30, stating that the voting 
>> will begin on May 1st with no more possible updates to the ballot.
>>
>>
>> Best Regards,
>> Dimitris.
>>>
>>>
>>> Am 27.04.2018 um 07:39 schrieb Dimitris Zacharopoulos via Public:
>>>>
>>>> So far the discussion has been quiet which either means people 
>>>> generally agree with the ballot or that nobody had time to review 
>>>> it :-)
>>>>
>>>> I plan on starting the voting period on May 1st unless we hear some 
>>>> strong objections.
>>>>
>>>>
>>>> Best Regards,
>>>> Dimitris.
>>>>
>>>>
>>>> On 23/4/2018 8:18 πμ, Dimitris Zacharopoulos via Public wrote:
>>>>>
>>>>>
>>>>> The following motion has been proposed by Dimitris Zacharopoulos 
>>>>> of HARICA and endorsed by Moudrick M. Dadashov of SSC and Tim 
>>>>> Hollebeek from Digicert.
>>>>>
>>>>> *Background*:
>>>>>
>>>>> Section 8.4 of the Baseline Requirements describes the audit 
>>>>> criteria for CAs that issue Publicly-Trusted SSL/TLS Certificates. 
>>>>> This ballot attempts to achieve two things:
>>>>>
>>>>>  1. Remove the old ETSI TS documents
>>>>> 2.
>>>>>
>>>>>     Align the WebTrust and ETSI requirements
>>>>>
>>>>> "WebTrust for Certification Authorities" is equivalent to "ETSI EN 
>>>>> 319 401" and "WebTrust Principles and Criteria for Certification 
>>>>> Authorities – SSL Baseline with Network Security" is equivalent to 
>>>>> "ETSI EN 319 411-1".
>>>>>
>>>>> *-- MOTION BEGINS --*
>>>>>
>>>>> Replace the first two numbered items in section 8.4 from:
>>>>>
>>>>> 1.
>>>>>
>>>>>     WebTrust for Certification Authorities v2.0;
>>>>>
>>>>>  2. A national scheme that audits conformance to ETSI TS 102 042 /
>>>>>     ETSI EN 319 411-1; or
>>>>>
>>>>> to:
>>>>>
>>>>> 1.
>>>>>
>>>>>     "WebTrust for CAs v2.0 or newer" AND "WebTrust for CAs SSL
>>>>>     Baseline with Network Security v2.2 or newer"; or
>>>>>
>>>>>  2. "ETSI EN 319 401 v2.1.1 or newer" AND "ETSI EN 319 411-1
>>>>>     v1.1.1"; or
>>>>>
>>>>> *-- MOTION ENDS --*
>>>>>
>>>>> The procedure for this ballot is as follows (exact start and end 
>>>>> times may be adjusted to comply with applicable Bylaws and IPR 
>>>>> Agreement):
>>>>>
>>>>> *BALLOT 223 Status: Update BR Section 8.4 for CA audit criteria*
>>>>>
>>>>> 	
>>>>>
>>>>> *Start time (22:00 UTC)*
>>>>>
>>>>> 	
>>>>>
>>>>> *End time (22:00 UTC)*
>>>>>
>>>>> Discussion (7+ days)
>>>>>
>>>>> 	
>>>>>
>>>>> 23 April 2018
>>>>>
>>>>> 	
>>>>>
>>>>> 30 April 2018
>>>>>
>>>>> Vote for approval (7 days)
>>>>>
>>>>> 	
>>>>>
>>>>> TBD
>>>>>
>>>>> 	
>>>>>
>>>>> TBD according to voting start time
>>>>>
>>>>> If vote approves ballot: Review Period (Chair to send Review 
>>>>> Notice) (30 days)
>>>>> If Exclusion Notice(s) filed, ballot approval is rescinded and PAG 
>>>>> to be created.
>>>>> If no Exclusion Notices filed, ballot becomes effective at end of 
>>>>> Review Period.
>>>>> Votes must be cast by posting an on-list reply to this thread on 
>>>>> the Public Mail List.
>>>>>
>>>>> 	
>>>>>
>>>>> Upon filing of Review Notice by Chair
>>>>>
>>>>> 	
>>>>>
>>>>> 30 days after filing of Review Notice by Chair
>>>>>
>>>>> From the Bylaws section 2.4(a): "If the Draft Guideline Ballot is 
>>>>> proposing a Final Maintenance Guideline, such ballot will include 
>>>>> a redline or comparison showing the set of changes from the Final 
>>>>> Guideline section(s) intended to become a Final Maintenance 
>>>>> Guideline, and need not include a copy of the full set of 
>>>>> guidelines. Such redline or comparison shall be made against the 
>>>>> Final Guideline section(s) as they exist at the time a ballot is 
>>>>> proposed, and need not take into consideration other ballots that 
>>>>> may be proposed subsequently, except as provided in Section 2.4(j) 
>>>>> below".
>>>>>
>>>>> Votes must be cast by posting an on-list reply to this thread on 
>>>>> the Public list. A vote in favor of the motion must indicate a 
>>>>> clear 'yes' in the response. A vote against must indicate a clear 
>>>>> 'no' in the response. A vote to abstain must indicate a clear 
>>>>> 'abstain' in the response. Unclear responses will not be counted. 
>>>>> The latest vote received from any representative of a voting 
>>>>> member before the close of the voting period will be counted. 
>>>>> Voting members are listed here: https://cabforum.org/members/ 
>>>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmembers%2F&data=02%7C01%7C%7C38331e54981341187a6508d5ac014ae7%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636604043901501245&sdata=hxkdSje8Fvk6xsS942EenBP2jU43pcvRSv0gJIPJ4fg%3D&reserved=0> 
>>>>>
>>>>>
>>>>> In order for the motion to be adopted, two thirds or more of the 
>>>>> votes cast by members in the CA category and greater than 50% of 
>>>>> the votes cast by members in the browser category must be in 
>>>>> favor. Quorum is shown on CA/Browser Forum wiki. Under the Bylaws 
>>>>> section 2.3(g), at least the required quorum number must 
>>>>> participate in the ballot for the ballot to be valid, either by 
>>>>> voting in favor, voting against, or abstaining.
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Public mailing list
>>>>> Public at cabforum.org
>>>>> https://cabforum.org/mailman/listinfo/public
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Public mailing list
>>>> Public at cabforum.org
>>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fpublic&data=02%7C01%7C%7C38331e54981341187a6508d5ac014ae7%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636604043901657497&sdata=yfcaS78wsAZVH7wtKQ5APB%2F0ejm2tk%2BtxzSu6vwz3HM%3D&reserved=0
>>>
>>> -- 
>>> Arno Fiedler
>>> Nimbus Technologieberatung GmbH
>>> Reichensteiner Weg 17
>>> 14195 Berlin
>>> Mobil:      0049-(0)172-3053272
>>> Fax:        0049-(0)30-89745-777
>>> E-Mail:arno.fiedler at nimbus-berlin.com
>>> Web:www.nimbus-berlin.com
>>> Geschäftsführer:  Arno Fiedler
>>> USt-IdNr. :       DE 203 269 920
>>> D-U-N-S® Nr.      50-730-8117
>>> HandelsregisterNr:HRB 109409 B
>>>
>>>
>>> _______________________________________________
>>> Public mailing list
>>> Public at cabforum.org
>>> https://cabforum.org/mailman/listinfo/public
>>
>>
>>
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org
>> https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fpublic&data=02%7C01%7C%7C3c87c7d9811346a665a408d5ac364b00%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636604271537492849&sdata=lMCiXnkjP9TKMGovj%2BZM5msLUCl4Olfp9wPFvMaOXwo%3D&reserved=0
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20180427/bbc6bf49/attachment-0001.html>

More information about the Public mailing list