[cabfpub] Voting has started on Ballot 190

陳立群 realsky at cht.com.tw
Sun Feb 11 08:46:56 UTC 2018


 

I found in  In  <https://cabforum.org/baseline-requirements-documents/> https://cabforum.org/baseline-requirements-documents/, the current version of BR V1.5.4 (or as attached file) section 3.2.4.7 is read as 

 

3.2.2.4.7 DNS Change

Confirming the Applicant's control over the FQDN by confirming the presence of a Random Value or Request Token for either in a DNS CNAME, TXT or CAA record for either 1) an Authorization Domain Name; or 2) an Authorization Domain Name that is prefixed with a label that begins with an underscore character.

 

     One goal of Ballot 190 (Ballot 190 v8) is to delete "for either" appears twice in above sentence.  (Please see below minor amendments to Ballot 190 discussion.)

 

 

      By current BR V1.5.4 in CABF official website is still reserved two  "for either".

 

      I don’t’ know do we need an extra ballot  to delete a  "for either" again or just publish a correction BR V1.5.4 in CABF website to fix it?  (I saw the same error is appeared in Version 1.5.6 in https://cabforum.org/pipermail/public/2018-February/012976.html )

 

I am deeply grateful to volunteer work by Ben and Kirk. 

 

         Li-Chun Chen

            Chunghwa Telecom 

 

From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Ben Wilson via Public
Sent: Wednesday, September 20, 2017 1:40 AM
To: CA/Browser Forum Public Discussion List
Subject: [外部郵件] Re: [cabfpub] Voting has started on Ballot 190

 

DigiCert votes “yes”

 

From: Public <public-bounces at cabforum.org> on behalf of Kirk Hall via Public <public at cabforum.org>
Reply-To: Kirk Hall <Kirk.Hall at entrustdatacard.com>, CA/Browser Forum Public Discussion List <public at cabforum.org>
Date: Tuesday, September 12, 2017 at 3:23 PM
To: CA/Browser Forum Public Discussion List <public at cabforum.org>
Subject: [cabfpub] Voting has started on Ballot 190

 

Voting has started on Ballot 190 as proposed on Sept 5 (see bottom of this message, and attachments), as amended by my email from Sept. 11 (see immediately below).  Voting runs through Sept. 19 at 18:00 UTC.

 

Entrust votes yes.

 

From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Kirk Hall via Public
Sent: Monday, September 11, 2017 6:01 AM
To: CA/Browser Forum Public Discussion List <public at cabforum.org>
Subject: [EXTERNAL][cabfpub] Two amendments to Ballot 190

 

The proposer and endorsers are making two minor amendments to Ballot 190 as follows.

 

1) In BR 3.2.2.4.6 "Agreed-Upon Change to Website", the current draft Version 8 still has the typo "Request Value" that crept in sometime around BR 1.4. It should be "Random Value".  Accordingly, BR 3.2.2.4.6 in Ballot 190 is changed to read as follows:

 

3.2.2.4.6 Agreed-Upon Change to Website

 

Confirming the Applicant's control over the FQDN by confirming one of the following under the "/.well-known/pki-validation" directory, or another path registered with IANA for the purpose of Domain Validation, on the Authorization Domain Name that is accessible by the CA via HTTP/HTTPS over an Authorized Port:

 

1.       The presence of Required Website Content contained in the content of a file. The entire Required Website Content MUST NOT appear in the request used to retrieve the file or web page, or

 

2.       The presence of the Request Token or Request Random Value contained in the content of a file where the Request Token or Random Value MUST NOT appear in the request. ***

 

2) In Version 8 of BR 3.2.2.4.7, "DNS Change", the current language says:

 

"Confirming the Applicant's control over the FQDN by confirming the presence of a Random Value or Request Token for either in a DNS CNAME, TXT or CAA record for either 1) an Authorization Domain Name; or 2) an Authorization Domain Name that is prefixed with a label that begins with an underscore character."  

 

Note that "for either" appears twice in the sentence, and we think the first occurrence should be deleted.  Accordingly, BR 3.2.2.4.7 in Ballot 190 is changed to read as follows:

 

3.2.2.4.7  DNS Change

Confirming the Applicant's control over the FQDN by confirming the presence of a Random Value or Request Token for either in a DNS CNAME, TXT or CAA record for either 1) an Authorization Domain Name; or 2) an Authorization Domain Name that is prefixed with a label that begins with an underscore character.

 

Voting on Ballot 190 will begin tomorrow, and the text has been changed as shown above.

***

From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Kirk Hall via Public
Sent: Tuesday, September 5, 2017 10:52 AM
To: CA/Browser Forum Public Discussion List <public at cabforum.org>
Subject: [EXTERNAL][cabfpub] Ballot 190 - Discussion Period is starting

 

As agreed on our CABF teleconference last week, we are starting the formal discussion period for Ballot 190 (in this case, v8).  I have attached the ballot in two formats and in three modes.

 

The title of the actual ballot to be voted on uses all capital letters “BALLOT 190 v8 (9-5-2017)”.  I also attach a version that includes some explanatory comments, and a “clean” version showing how the BRs will read if Ballot 190 v8 is adopted “Ballot 190 v8 (9-5-2017) (showing BRs if adopted)”.

 

The discussion period ends Sept. 12 at 18:00 UTC, and the voting period runs Sept. 12-19.

 

This version 8 is based on the prior version 7, but includes a limited number of changes as outlined in emails among me, Ryan, and Doug on Aug. 29-30.  

 

We are almost there!  Thanks to everyone who has worked on this effort over the past two years.  Assuming Ballot 190 passes, the Validation Working Group can then start work on further amendments as outlined in my prior emails.

 



本信件可能包含中華電信股份有限公司機密資訊,非指定之收件者,請勿蒐集、處理或利用本信件內容,並請銷毀此信件. 如為指定收件者,應確實保護郵件中本公司之營業機密及個人資料,不得任意傳佈或揭露,並應自行確認本郵件之附檔與超連結之安全性,以共同善盡資訊安全與個資保護責任. 
Please be advised that this email message (including any attachments) contains confidential information and may be legally privileged. If you are not the intended recipient, please destroy this message and all attachments from your system and do not further collect, process, or use them. Chunghwa Telecom and all its subsidiaries and associated companies shall not be liable for the improper or incomplete transmission of the information contained in this email nor for any delay in its receipt or damage to your system. If you are the intended recipient, please protect the confidential and/or personal information contained in this email with due care. Any unauthorized use, disclosure or distribution of this message in whole or in part is strictly prohibited. Also, please self-inspect attachments and hyperlinks contained in this email to ensure the information security and to protect personal information.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180211/b7593496/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CA-Browser-Forum-BR-1.5.4.pdf
Type: application/pdf
Size: 588337 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180211/b7593496/attachment-0002.pdf>


More information about the Public mailing list