[cabfpub] [EXTERNAL]Re: Draft Ballot to establish new SCWG Network Security Subcommittee

Kirk Hall Kirk.Hall at entrustdatacard.com
Sun Jul 22 21:48:34 UTC 2018


That looks much better then what I posted – I agree.

From: Dimitris Zacharopoulos [mailto:jimmy at it.auth.gr]
Sent: Sunday, July 22, 2018 10:39 AM
To: Kirk Hall <Kirk.Hall at entrustdatacard.com>; CA/Browser Forum Public Discussion List <public at cabforum.org>
Subject: [EXTERNAL]Re: [cabfpub] Draft Ballot to establish new SCWG Network Security Subcommittee

Kirk,

About the NetSec Subcommittee, I believe we should take into account the conclusion paragraph of the deliverable<https://cabforum.org/pipermail/public/2018-June/013587.html> published on June 22nd 2018. The conclusion was not to "scrap" the NetSec Guidelines. I propose the following:

--- BEGIN ---

The Server Certificate Working Group formally establishes the Network Security Subcommittee as an official Subcommittee.

Scope: Revising and improving the Network and Certificate Systems Security Requirements (NCSSRs).

Out of Scope: No provision.

Deliverables: The Network Security Subcommittee shall produce one or more documents offering options to the Forum for establishing minimal security standards within the scope defined above. These renewed NCSSR documents will serve CAs, auditors and browsers in giving a state of the art set of rules for the deployment and operation of CAs computing infrastructures.

Within the scope of the SCWG Charter: Yes

End Date: None

--- END---

Best regards,
Dimitris.
On 22/7/2018 4:47 πμ, Kirk Hall via Public wrote:
No matter what procedure we choose for establishing new SCWG Subcommittees, we will need a formal scope for each Subcommittee.  This is a first draft of such a scope for the Network Security Subcommittee.

The existing Network Security WG was created by Ballot 203.     https://cabforum.org/2017/06/19/ballot-203-formation-network-security-working-group   I have slightly modified the language of that ballot to create a SCWG Subcommittee – this would be the language of a Ballot.  Please offer edits – simpler is better.  We can try to finalize on our SCWG teleconference on July 26.

Because the previous Working Group had a sunset date, I added a sunset of Sept. 1, 2020 (two years).



The Server Certificate Working Group formally establishes the Network Security Subcommittee as an official Subcommittee of the SCWG.



Scope: Consider options for revising, replacing or scrapping the Network Security Guidelines.


Out of Scope: No provision.


Deliverables: Deliverables:

1. Reports with one or more proposals for the future of the Network Security Guidelines.

2. For proposals involving replacement, details of the availability and applicability of the proposed alternative, and what modifications if any would be needed to it in order to make it suitable for use.

3. For proposals involving revision, details of the revisions that are deemed necessary and how the document will be kept current in the future.

4. For proposals involving scrapping, an explanation of why this is preferable to either of the other two options.

5. If there are multiple proposals, optionally a recommendation as to which one to pursue and an associated timeline.

6. A form of ballot or ballots to implement any recommendations.

Within the scope of the SCWG Charter: Yes

End Date: September 1, 2020






_______________________________________________

Public mailing list

Public at cabforum.org<mailto:Public at cabforum.org>

https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180722/b222e455/attachment-0003.html>


More information about the Public mailing list