[cabfpub] Ballot 223 - Update BR Section 8.4 for CA audit criteria: Request to postpone it
Moudrick M. Dadashov
md at ssc.lt
Mon Apr 23 16:01:36 UTC 2018
Tim, the latest ballot doesn't have "national scheme", its gone...
Thanks,
M.D.
On 4/23/2018 5:53 PM, Tim Hollebeek via Public wrote:
>
> There’s no need to postpone the discussion phase, as the discussion
> phase can last for as long as is necessary to get the ballot to where
> we want it to be. That’s why it’s listed as 7+ days. The end time
> should be listed as “not before 30 April 2018” instead of “30 April
> 2018”, in line with what we did for other recent ballots.
>
> Also, it is worth mentioning that this ballot came out of an oversight
> by the Governance Change Working Group, where we accidentally didn’t
> include Dimitris’ changes in the Governance Reform ballot, despite the
> fact that we said we were going to. It would be a shame to hold up
> these improvements for a long time by tying them to other larger
> efforts. I could be wrong, but “define more precise requirements on
> standards for conducting the audits” by referencing new standards
> sounds like something that could take a long while to get agreement on.
>
> Fixing the definition of “national scheme” sounds much more doable,
> and suggesting a concrete proposal of how it could be done would help.
>
> -Tim
>
> *From:*Public [mailto:public-bounces at cabforum.org] *On Behalf Of *Arno
> Fiedler via Public
> *Sent:* Monday, April 23, 2018 10:27 AM
> *To:* public at cabforum.org
> *Cc:* management-request at cabforum.org; ESI_TSP: (ESI Trust Service
> Providers) <ESI_TSP at LIST.ETSI.ORG>
> *Subject:* Re: [cabfpub] Ballot 223 - Update BR Section 8.4 for CA
> audit criteria: Request to postpone it
>
> Dear CA/B-Forum Members,
>
> sorry for jumping in late, Dimitris and Moudrick, many thanks for the
> proposed ballot.
> After checking different Browser Requirements I strongly suggest to
> postpone the discussion phase ballot 223 on "Updating BR Section 8.4".
>
> We should have further improvements on the definitions,
> esp. of "national scheme" ( e. g. within EA or IAF Framework) and
> define more precise requirements on standards for conducting the
> audits, (e. g. ISO/IEC 17065 supplemented by ETSI EN 319 403)
> so I suggest to postpone the start of the discussion phase on May, the
> 7th.
>
> Would realy like to cover the audit requirements from all browsers by
> the Ballot, so more time is needed.
>
> Thanks in advance and best regards
>
> Arno Fiedler
>
> Am 23.04.2018 um 07:18 schrieb Dimitris Zacharopoulos via Public:
>
> The following motion has been proposed by Dimitris Zacharopoulos
> of HARICA and endorsed by Moudrick M. Dadashov of SSC and Tim
> Hollebeek from Digicert.
>
> *Background*:
>
> Section 8.4 of the Baseline Requirements describes the audit
> criteria for CAs that issue Publicly-Trusted SSL/TLS Certificates.
> This ballot attempts to achieve two things:
>
> 1. Remove the old ETSI TS documents
> 2. Align the WebTrust and ETSI requirements
>
> "WebTrust for Certification Authorities" is equivalent to "ETSI EN
> 319 401" and "WebTrust Principles and Criteria for Certification
> Authorities – SSL Baseline with Network Security" is equivalent to
> "ETSI EN 319 411-1".
>
> *-- MOTION BEGINS --*
>
> Replace the first two numbered items in section 8.4 from:
>
> 1. WebTrust for Certification Authorities v2.0;
> 2. A national scheme that audits conformance to ETSI TS 102 042 /
> ETSI EN 319 411-1; or
>
> to:
>
> 1. "WebTrust for CAs v2.0 or newer" AND "WebTrust for CAs SSL
> Baseline with Network Security v2.2 or newer"; or
> 2. "ETSI EN 319 401 v2.1.1 or newer" AND "ETSI EN 319 411-1
> v1.1.1"; or
>
> *-- MOTION ENDS --*
>
> The procedure for this ballot is as follows (exact start and end
> times may be adjusted to comply with applicable Bylaws and IPR
> Agreement):
>
> *BALLOT 223 Status: Update BR Section 8.4 for CA audit criteria*
>
>
>
> *Start time (22:00 UTC)*
>
>
>
> *End time (22:00 UTC)*
>
> Discussion (7+ days)
>
>
>
> 23 April 2018
>
>
>
> 30 April 2018
>
> Vote for approval (7 days)
>
>
>
> TBD
>
>
>
> TBD according to voting start time
>
> If vote approves ballot: Review Period (Chair to send Review
> Notice) (30 days)
> If Exclusion Notice(s) filed, ballot approval is rescinded and PAG
> to be created.
> If no Exclusion Notices filed, ballot becomes effective at end of
> Review Period.
> Votes must be cast by posting an on-list reply to this thread on
> the Public Mail List.
>
>
>
> Upon filing of Review Notice by Chair
>
>
>
> 30 days after filing of Review Notice by Chair
>
> From the Bylaws section 2.4(a): "If the Draft Guideline Ballot is
> proposing a Final Maintenance Guideline, such ballot will include
> a redline or comparison showing the set of changes from the Final
> Guideline section(s) intended to become a Final Maintenance
> Guideline, and need not include a copy of the full set of
> guidelines. Such redline or comparison shall be made against the
> Final Guideline section(s) as they exist at the time a ballot is
> proposed, and need not take into consideration other ballots that
> may be proposed subsequently, except as provided in Section 2.4(j)
> below".
>
> Votes must be cast by posting an on-list reply to this thread on
> the Public list. A vote in favor of the motion must indicate a
> clear 'yes' in the response. A vote against must indicate a clear
> 'no' in the response. A vote to abstain must indicate a clear
> 'abstain' in the response. Unclear responses will not be counted.
> The latest vote received from any representative of a voting
> member before the close of the voting period will be counted.
> Voting members are listed here: https://cabforum.org/members/
> <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmembers%2F&data=02%7C01%7C%7Cd1ece9170b4c412118c308d5a8d9b97b%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636600575423532305&sdata=%2BtkvNa%2FRWMg%2BMi3aHyR4HnvwLA%2FDp5yqBCe7twDbuUs%3D&reserved=0>
>
>
> In order for the motion to be adopted, two thirds or more of the
> votes cast by members in the CA category and greater than 50% of
> the votes cast by members in the browser category must be in
> favor. Quorum is shown on CA/Browser Forum wiki. Under the Bylaws
> section 2.3(g), at least the required quorum number must
> participate in the ballot for the ballot to be valid, either by
> voting in favor, voting against, or abstaining.
>
>
> _______________________________________________
>
> Public mailing list
>
> Public at cabforum.org <mailto:Public at cabforum.org>
>
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fpublic&data=02%7C01%7C%7Cd1ece9170b4c412118c308d5a8d9b97b%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636600575423532305&sdata=y2KaTimAOv%2FA%2FjMTaDpP1C9MPVG%2FPtTTxL9RPUE78pc%3D&reserved=0
>
> --
> Arno Fiedler
> Nimbus Technologieberatung GmbH
> Reichensteiner Weg 17
> 14195 Berlin
> Mobil: 0049-(0)172-3053272
> Fax: 0049-(0)30-89745-777
> E-Mail:arno.fiedler at nimbus-berlin.com <mailto:arno.fiedler at nimbus-berlin.com>
> Web:www.nimbus-berlin.com
> <https://clicktime.symantec.com/a/1/ZkMg4lf2QLN5xtF6BtrL1-wzNDD7Dq-y6pBn5TpZJYA=?d=UHo2Qz9CW7I04zEs37QU2ZPO7JgcLOhepmWY8i9XMIXkHN7Uxxcl7LOnLuy6DMHWLlZ4M3W7YH53fij_k6wPI-URHX4RR4ewze4_dNA77EqoEYf1LT7tyxjTEghcECLGQOni-Dn4UeLOOXZ9xqEh-Ta_n9ti9HoDEbK0BrHvQeqY9NvWby5NOiX7SuDaQoqB57iND11htveXS7AylirpKMHhOCPaAF9n7QNqE6GAk1djNSvPh6O7nNDyI5tSzGSgilrGyQLxWbKY9U2Ddmxt4iwp496mM6VLEaduEQUUKiuRVLjkLg6hishWSvKzc2FruqJ1X3Tgu3u_uwQifCmNyZz0Eaga63npSeBSGO6YzvQZXpDSQbrm_HpRIX9uDUsZArOluVWLyioGSu5sEeKw4d6PB0JkwUxnefRgnDUBUdKrF3eQt_RMwGmEnTQZ83dI6IB-2s7SgCvouwbIov8HwZTlDhrShmU%3D&u=http%3A%2F%2Fwww.nimbus-berlin.com>
> Geschäftsführer: Arno Fiedler
> USt-IdNr. : DE 203 269 920
> D-U-N-S® Nr. 50-730-8117
> HandelsregisterNr:HRB 109409 B
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180423/a5593fbd/attachment-0003.html>
More information about the Public
mailing list