[cabfpub] Ballot proposal - Update Section 8.4 for CA audit criteria

Dimitris Zacharopoulos jimmy at it.auth.gr
Sun Apr 15 08:32:33 UTC 2018 

I did not add this language, it exists in the current BRs :-) I also 
find it confusing and would be happy to remove it. Auditors need to be 
qualified anyway as described in section 8.2 so the "national scheme" in 
8.4 is redundant.

If there are no objections, I will remove it.


Dimitris.



On 15/4/2018 10:53 πμ, Moudrick M. Dadashov wrote:
> We endorse this but what do you mean by "a national scheme"?
>
> Thanks,
> M.D.
>
> On 4/15/2018 9:18 AM, Dimitris Zacharopoulos via Public wrote:
>>
>> I am looking for two endorsers for the following ballot.
>>
>> Dimitris.
>>
>> *Ballot XXX - Update Section 8.4 for CA audit criteria*
>>
>> The following motion has been proposed by Dimitris Zacharopoulos of 
>> HARICA and endorsed by ___ and ___
>>
>> *Background*:
>>
>> Section 8.4 of the Baseline Requirements describes the audit criteria 
>> for CAs that issue Publicly-Trusted SSL/TLS Certificates. This ballot 
>> attempts to achieve two things:
>>
>>  1. Remove the old ETSI TS documents
>> 2.
>>
>>     Align the WebTrust <https://www.cabforum.org/wiki/WebTrust> and
>>     ETSI requirements
>>
>> "WebTrust <https://www.cabforum.org/wiki/WebTrust> for Certification 
>> Authorities" is equivalent to "ETSI EN 319 401" and "WebTrust 
>> <https://www.cabforum.org/wiki/WebTrust> Principles and Criteria for 
>> Certification Authorities – SSL Baseline with Network Security" is 
>> the equivalent of "ETSI EN 319 411-1".
>>
>> *-- MOTION BEGINS --*
>>
>> Replace the first two numbered items in section 8.4 of the Baseline 
>> Requirements from:
>>
>> 1.
>>
>>     WebTrust <https://www.cabforum.org/wiki/WebTrust> for
>>     Certification Authorities v2.0;
>>
>>  2. A national scheme that audits conformance to ETSI TS 102 042 /
>>     ETSI EN 319 411-1; or
>>
>> to:
>>
>> 1.
>>
>>     WebTrust <https://www.cabforum.org/wiki/WebTrust> Principles and
>>     Criteria for Certification Authorities – SSL Baseline with
>>     Network Security;
>>
>>  2. A national scheme that audits conformance to ETSI EN 319 411-1; or
>>
>> *-- MOTION ENDS --*
>>
>> The procedure for this ballot is as follows (exact start and end 
>> times may be adjusted to comply with applicable Bylaws and IPR 
>> Agreement):
>>
>> BALLOT XXX Status: Update BR Section 8.4 for CA audit criteria
>>
>> 	
>>
>> Start time (22:00 UTC)
>>
>> 	
>>
>> End time (22:00 UTC)
>>
>> Discussion (7+ days)
>>
>> 	
>>
>> TBD (hopefully 23 April 2018)
>>
>> 	
>>
>> TBD
>>
>> Vote for approval (7 days)
>>
>> 	
>>
>> TBD
>>
>> 	
>>
>> TBD according to voting start time
>>
>> If vote approves ballot: Review Period (Chair to send Review Notice) 
>> (30 days)
>> If Exclusion Notice(s) filed, ballot approval is rescinded and PAG to 
>> be created.
>> If no Exclusion Notices filed, ballot becomes effective at end of 
>> Review Period.
>> Votes must be cast by posting an on-list reply to this thread on the 
>> Public Mail List.
>>
>> 	
>>
>> Upon filing of Review Notice by Chair
>>
>> 	
>>
>> 30 days after filing of Review Notice by Chair
>>
>> From the Bylaws section 2.4(a): "If the Draft Guideline Ballot is 
>> proposing a Final Maintenance Guideline, such ballot will include a 
>> redline or comparison showing the set of changes from the Final 
>> Guideline section(s) intended to become a Final Maintenance 
>> Guideline, and need not include a copy of the full set of guidelines. 
>> Such redline or comparison shall be made against the Final Guideline 
>> section(s) as they exist at the time a ballot is proposed, and need 
>> not take into consideration other ballots that may be proposed 
>> subsequently, except as provided in Section 2.4(j) below".
>>
>> Votes must be cast by posting an on-list reply to this thread on the 
>> Public list. A vote in favor of the motion must indicate a clear 
>> 'yes' in the response. A vote against must indicate a clear 'no' in 
>> the response. A vote to abstain must indicate a clear 'abstain' in 
>> the response. Unclear responses will not be counted. The latest vote 
>> received from any representative of a voting member before the close 
>> of the voting period will be counted. Voting members are listed here: 
>> https://cabforum.org/members/
>>
>> In order for the motion to be adopted, two thirds or more of the 
>> votes cast by members in the CA category and greater than 50% of the 
>> votes cast by members in the browser category must be in favor. 
>> Quorum is shown on CA/Browser Forum wiki. Under the Bylaws section 
>> 2.3(g), at least the required quorum number must participate in the 
>> ballot for the ballot to be valid, either by voting in favor, voting 
>> against, or abstaining.
>>
>>
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org
>> https://cabforum.org/mailman/listinfo/public
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180415/cd88e328/attachment-0003.html>

More information about the Public mailing list