[cabfpub] Voting has started on Ballot SC10 - Establishing the Network Security Subcommittee of the SCWG

Ramiro Muñoz ramirom at camerfirma.com
Fri Sep 28 07:53:04 UTC 2018


AC CAMERFIRMA SA votes “YES” on Ballot SC10.

 

Ramiro Muñoz Muñoz 

AC Camerfirma SA.

CTO, Exploitation Manager, CISA.

+34 619 746 291 · ramirom at camerfirma.com. 

https://www.linkedin.com/in/ramirom.

________________________________________

Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener
información CONFIDENCIAL, siendo para uso exclusivo del destinatario,
quedando prohibida su divulgación copia o distribución a terceros. Si Vd. ha
recibido este mensaje erróneamente, se ruega lo notifique al remitente y
proceda a su borrado.

De conformidad con lo establecido en el Reglamento UE 2016/679 de 27 de
abril de 2016 General de Protección de Datos, se le informa que la empresa
AC CAMERFIRMA, S.A. tratará la información que nos facilita con el exclusivo
fin de cumplir con las obligaciones derivadas de la relación comercial o
contractual adquirida con usted y que sus datos no podrán ser objeto de otro
tratamiento ni de cesión a terceros salvo en los casos en que exista una
obligación legal. 

Usted tiene derecho a obtener confirmación acerca del tratamiento de sus
datos personales, y a ejercer sus derechos de acceso, rectificación,
supresión, limitación y portabilidad en el tratamiento, dirigiéndose a AC
CAMERFIRMA, S.A., mediante comunicación escrita remitida a la dirección C/
Ribera del Loira 12 (28042) Madrid, o a la dirección electrónica
juridico at camerfirma.com o a través de la web de incidencias disponible en la
página web  <http://webcrm.camerfirma.com/incidencias/incidencias.php>
http://webcrm.camerfirma.com/incidencias/incidencias.php

 

[EN]

This message, and if applicable, any file attached to it, may contain
CONFIDENTIAL information for the exclusive use of the recipient, being
prohibited its disclosure copy or distribution to third parties. If you have
received this message incorrectly, please notify the sender and proceed with
its deletion.

In accordance with the provisions of the EU Regulation 2016/679 of April 27,
2016 General Data Protection, you are informed that the company AC
CAMERFIRMA, S.A. will treat the information you provide us with the sole
purpose of complying with the obligations derived from the commercial or
contractual relationship acquired with you and that your data will not be
subject to another treatment or assignment to third parties except in cases
where there is an legal obligation.

You have the right to obtain confirmation about your personal data
treatement, and to exercise your rights of access, rectification, deletion,
limitation and portability, contacting AC CAMERFIRMA, SA, by written
communication sent to the address C / Ribera del Loira 12 (28042) Madrid, or
to the legal address juridico at camerfirma.com or through the website
<http://webcrm.camerfirma.com/incidencias/incidencias.php>
http://webcrm.camerfirma.com/incidencias/incidencias.php

 

 

From: Public <public-bounces at cabforum.org
<mailto:public-bounces at cabforum.org> > On Behalf Of Kirk Hall via Public
Sent: Friday, September 28, 2018 8:26 AM
To: CABFPub <public at cabforum.org <mailto:public at cabforum.org> >
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the
Network Security Subcommittee of the SCWG

 

Voting ends on 4 October 2018 at 22:00 UTC.

 

From: Servercert-wg [mailto:servercert-wg-bounces at cabforum.org] On Behalf Of
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List
<servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> >
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security
Subcommittee of the SCWG


Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


 


Purpose of Ballot 


The Network Security Working Group of the CA/Browser Forum expired on June
19, 2018 under the terms of Ballot 203 which established the Working Group.
The Server Certificate Working Group wishes to establish a Network Security
Subcommittee pursuant to Bylaws 5.3.1(e).

The following motion has been proposed by Dimitris Zacharopoulos of HARICA
and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.

--- MOTION BEGINS ---

The Server Certificate Working Group hereby establishes the Network Security
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate
Management Systems encoded in the guidelines maintained by the SCWG. 


2. End Date: This Subcommittee shall continue until it is dissolved by a
vote of the SCWG

3. Deliverables: The Network Security Subcommittee shall propose ballots to
the SCWG to improve the minimal security standards within the mission
defined above This includes modifying the existing Network and Certificate
System Security Requirements (NCSSR) or to create new requirements,
guidelines, or best practices. Among other activities, the Network Security
Subcommittee shall perform security analysis on typical CA Management
Systems offering options to the Server Certificate Working Group for
establishing minimal security standards. Risk analysis will also be used to
provide a better understanding of threats and vulnerabilities in Certificate
Management Systems. This process can be used to provide better reasoning and
justification of existing or future security guidelines.

4. Participation: Any member of the SCWG is eligible and may declare their
participation in the Network Security Subcommittee by requesting to be added
to the mailing list. 

5. Chair: Ben Wilson shall be the initial Chair of the Network Security
Subcommittee.  The Subcommittee may change its Chair from time to time by
consensus of the Members participating in the Subcommittee or by voting
method chosen by the Members by consensus.  

6. Communication: Subcommittee communications and documents shall be posted
on mailing-lists where the mail-archives are publicly accessible, and the
Subcommittee shall publish minutes of its meetings.

7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In
the event the SCWG Charter or the Forum Bylaws is amended to add general
rules governing Chartered Working Group Subcommittees and how they operate
(“General Rules”), the provisions of the General Rules shall take precedence
over this charter.

--- MOTION ENDS ---

 

The procedure for approval of this ballot is as follows: 


Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Start time (22:00 UTC) 

End time (22:00 UTC) 


Discussion (7 days) 

20 September 2018 

27 September 2018 


Vote for approval (7 days) 

27 September 2018 

4 October 2018 

  


Additional Information (not part of Ballot)


Bylaws v1.9


5.3.1 Formation of Chartered Working Groups


(e) CWGs may establish any number of subcommittees within its own Working
Group to address any of such CWG’s business (each, a “Subcommittee”). A
CWG-created Subcommittee needs to be approved by the CWG itself according to
the approval process set forth in the CWG charter, but approval of the Forum
is not necessary. Subcommittees must exist under an approved CWG.

 

Ballot 203: Formation of Network Security Working Group (v2) 

 

Purpose of Ballot: To form a Network Security Working Group to re-evaluate
the CAB Forum's Network Security Guidelines.

 

The following motion has been proposed by Gervase Markham of Mozilla and
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:

 

-- MOTION BEGINS –

 

In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a
new Working Group requires a ballot. This ballot charters the Network
Security Working Group.

 

The CAB Forum's Network Security Guidelines were adopted in August 2012 but
have not been updated since. Significant doubts have been raised as to their
fitness for purpose in 2017. Therefore, the Working Group’s charter will be
as follows:

 

Scope

 

1. Consider options for revising, replacing or scrapping the Network
Security Guidelines.

 

Deliverables

1. A report with one or more proposals for the future of the Network
Security Guidelines.

2. For proposals involving replacement, details of the availability and
applicability of the proposed alternative, and what modifications if any
would be needed to it in order to make it suitable for use.

3. For proposals involving revision, details of the revisions that are
deemed necessary and how the document will be kept current in the future.

4. For proposals involving scrapping, an explanation of why this is
preferable to either of the other two options.

5. If there are multiple proposals, optionally a recommendation as to which
one to pursue and an associated timeline.

6. A form of ballot or ballots to implement any recommendations.

 

Expiry

The Working Group shall expire once the deliverables have been completed, or
on 2018-06-19, whichever happens first. The expiry date given above shall be
automatically postponed by 1 year on 2018-05-19 ("postponement date") and
each anniversary of the postponement date thereafter unless three or more
members separately or jointly request on the Public Mail List, within one
month prior to a particular postponement date, that expiry of this Working
Group not be postponed in that instance.

 

-- MOTION ENDS --

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180928/a9e3b25e/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5974 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180928/a9e3b25e/attachment-0003.p7s>


More information about the Public mailing list