[cabfpub] Ballot 223 v2 - Update BR Section 8.4 for CA audit criteria

Dimitris Zacharopoulos jimmy at it.auth.gr
Mon Apr 30 18:22:39 UTC 2018


I received some private comments and suggestions from members about the 
proposed language. There were concerns that with some reading of the 
requirement, CAs under ETSI would need two audit reports (EN 319 401 and 
EN 319 411-1) instead of one. For ETSI, the EN 319 401 audit criteria are 
a prerequisite for EN 319 411-1. This means that if a CA is certified 
against EN 319 411-1, it doesn't also need to be certified against EN 
319 401. The proposed ballot attempts to address this concern as well.


----

The following motion has been proposed by Dimitris Zacharopoulos of 
HARICA and endorsed by Moudrick M. Dadashov of SSC and Tim Hollebeek 
from DigiCert.

*Background*:

Section 8.4 of the Baseline Requirements describes the audit criteria 
for CAs that issue Publicly-Trusted SSL/TLS Certificates. This ballot 
attempts to achieve two things:

 1. Remove the old ETSI TS documents
 2. Align the WebTrust and ETSI requirements

"WebTrust for Certification Authorities" is equivalent to "ETSI EN 319 
401" and "WebTrust Principles and Criteria for Certification Authorities 
– SSL Baseline with Network Security" combined with "WebTrust for 
Certification Authorities" is equivalent to "ETSI EN 319 411-1".

*-- MOTION BEGINS --*

Replace the first two numbered items in section 8.4 from:

 1. WebTrust for Certification Authorities v2.0;
 2. A national scheme that audits conformance to ETSI TS 102 042 / ETSI
    EN 319 411-1; or

to:

 1. "WebTrust for CAs v2.0 or newer" AND "WebTrust for CAs SSL Baseline
    with Network Security v2.2 or newer"; or
 2. ETSI EN 319 411-1, which includes normative references to ETSI EN
    319 401 (the latest version of the referenced ETSI documents should
    be applied); or

*-- MOTION ENDS --*

The procedure for this ballot is as follows (exact start and end times 
may be adjusted to comply with applicable Bylaws and IPR Agreement):

*BALLOT 223 v2 Status: Update BR Section 8.4 for CA audit criteria*

Discussion (7+ days)
    Start time (22:00 UTC): 30 April 2018
    End time (22:00 UTC): 7 May 2018

Vote for approval (7 days)
    Start time (22:00 UTC): TBD
    End time (22:00 UTC): TBD according to voting start time

If vote approves ballot: Review Period (Chair to send Review Notice) (30 
days)
If Exclusion Notice(s) filed, ballot approval is rescinded and PAG to be 
created.
If no Exclusion Notices filed, ballot becomes effective at end of Review 
Period.
Votes must be cast by posting an on-list reply to this thread on the 
Public Mail List.
    Start time (22:00 UTC): Upon filing of Review Notice by Chair
    End time (22:00 UTC): 30 days after filing of Review Notice by Chair

 From the Bylaws section 2.4(a): "If the Draft Guideline Ballot is 
proposing a Final Maintenance Guideline, such ballot will include a 
redline or comparison showing the set of changes from the Final 
Guideline section(s) intended to become a Final Maintenance Guideline, 
and need not include a copy of the full set of guidelines. Such redline 
or comparison shall be made against the Final Guideline section(s) as 
they exist at the time a ballot is proposed, and need not take into 
consideration other ballots that may be proposed subsequently, except as 
provided in Section 2.4(j) below".

Votes must be cast by posting an on-list reply to this thread on the 
Public list. A vote in favor of the motion must indicate a clear 'yes' 
in the response. A vote against must indicate a clear 'no' in the 
response. A vote to abstain must indicate a clear 'abstain' in the 
response. Unclear responses will not be counted. The latest vote 
received from any representative of a voting member before the close of 
the voting period will be counted. Voting members are listed here: 
https://cabforum.org/members/

In order for the motion to be adopted, two thirds or more of the votes 
cast by members in the CA category and greater than 50% of the votes 
cast by members in the browser category must be in favor. Quorum is 
shown on the CA/Browser Forum wiki. Under the Bylaws section 2.3(g), at 
least the required quorum number must participate in the ballot for the 
ballot to be valid, either by voting in favor, voting against, or 
abstaining.