[Servercert-wg] [Ext] Voting Begins: SC13 version 5: CAA Contact Property and Associated E-mail Validation Methods
Tim Hollebeek
tim.hollebeek at digicert.com
Fri Dec 21 10:07:26 MST 2018
Russ and I are working with IETF on getting an expert appointed.
-Tim
> -----Original Message-----
> From: Paul Hoffman <paul.hoffman at icann.org>
> Sent: Thursday, December 20, 2018 11:49 AM
> To: Rob Stradling <rob at sectigo.com>; CA/B Forum Server Certificate WG
> Public Discussion List <servercert-wg at cabforum.org>
> Cc: Tim Hollebeek <tim.hollebeek at digicert.com>; CA/Browser Forum Public
> Discussion List <public at cabforum.org>
> Subject: Re: [Ext] [Servercert-wg] Voting Begins: SC13 version 5: CAA
> Contact Property and Associated E-mail Validation Methods
>
> <decloaking for a moment of IETF process discussion>
>
> > On Dec 20, 2018, at 8:32 AM, Rob Stradling via Servercert-wg
<servercert-
> wg at cabforum.org> wrote:
> >
> > Sectigo votes NO.
> >
> > We don't object to the idea behind this ballot, and we don't have any
> > specific objections to the content of this ballot either. However, the
> > IETF has a process for defining new CAA properties, and this process
> > needs to be followed.
> >
> > https://tools.ietf.org/html/rfc6844#section-7.2 says:
> > "Addition of tag identifiers requires a public specification and
> > Expert Review as set out in [RFC6195], Section 3.1.1."
> >
> > The BRs is a "public specification", certainly. However, *before* the
> > new CAA property proposed by this ballot can become enshrined as a
> > requirement in the BRs:
> > 1. An application for "Expert Review" must be submitted
> > and
> > 2. An "approved" response from the designated Expert must be received
> >
> > Since IANA has not yet assigned any Expert(s) to the caa-properties
> > registry [1], it's clear that the required "Expert Review" has not yet
> > occurred.
> >
> >
> > [1]
> > https://www.iana.org/assignments/pkix-parameters/pkix-
> parameters.xhtml#caa-properties
>
> It is worthwhile noting the paragraph of RFC 6844 immediately after the
one
> quoted above:
>
> The tag space is designed to be sufficiently large that exhausting
> the possible tag space need not be a concern. The scope of Expert
> Review SHOULD be limited to the question of whether the specification
> provided is sufficiently clear to permit implementation and to avoid
> unnecessary duplication of functionality.
>
> Even though there is not yet an expert reviewer (which is odd, given that
> they've had almost six years to make that assignment), this text makes it
> sound like the registration in this ballot would very likely be accepted,
and if
> it wasn't, an appeal would almost certainly win.
>
> If this ballot passes, someone from CABForum should send a message to the
> IESG saying "there was no reviewer, we added a property that we think
> meets the requirements, and as soon as you assign an expert reviewer
> (cough cough) we will submit this to the registry".
>
> --Paul Hoffman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4940 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20181221/0da962f2/attachment-0001.p7s>
More information about the Servercert-wg
mailing list