[Servercert-wg] Ballot SC10 ? Establishing the Network Security Subcommittee of the SCWG
Peter.Miskovic at disig.sk
Wed Oct 3 09:46:20 MST 2018
Disig votes "YES" on Ballot SC10 Establishing the Network Security Subcommittee of the SCWG
From: Servercert-wg <servercert-wg-bounces at cabforum.org> On Behalf Of servercert-wg-request at cabforum.org
Sent: Thursday, September 20, 2018 6:03 PM
To: servercert-wg at cabforum.org
Subject: Servercert-wg Digest, Vol 3, Issue 52
Send Servercert-wg mailing list submissions to
servercert-wg at cabforum.org
To subscribe or unsubscribe via the World Wide Web, visit
or, via email, send a message with subject or body 'help' to
servercert-wg-request at cabforum.org
You can reach the person managing the list at
servercert-wg-owner at cabforum.org
When replying, please edit your Subject line so it is more specific than "Re: Contents of Servercert-wg digest..."
1. Ballot SC10 ? Establishing the Network Security Subcommittee
of the SCWG (Dimitris Zacharopoulos)
Date: Thu, 20 Sep 2018 19:02:24 +0300
From: Dimitris Zacharopoulos <jimmy at it.auth.gr>
To: CA/B Forum Server Certificate WG Public Discussion List
<servercert-wg at cabforum.org>
Subject: [Servercert-wg] Ballot SC10 ? Establishing the Network
Security Subcommittee of the SCWG
Message-ID: <ebb8b7d6-4310-bc7e-7e16-258d6e9bf8ef at it.auth.gr>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
*Purpose of Ballot*
The Network Security Working Group of the CA/Browser Forum expired on June 19, 2018 under the terms of Ballot 203 which established the Working Group. The Server Certificate Working Group wishes to establish a Network Security Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
*--- MOTION BEGINS ---*
The Server Certificate Working Group hereby establishes the *Network
Security Subcommittee* as an official Subcommittee.
*1. Mission: *To improve security policies and practices for Certificate
Management Systems encoded in the guidelines maintained by the SCWG.
2. End Date: *This Subcommittee shall continue until it is dissolved by
a vote of the SCWG
*3. Deliverables: *The Network Security Subcommittee shall propose
ballots to the SCWG to improve the minimal security standards within the
mission defined above This includes modifying the existing Network and
Certificate System Security Requirements (NCSSR) or to create new
requirements, guidelines, or best practices. Among other activities, the
Network Security Subcommittee shall perform security analysis on typical
CA Management Systems offering options to the Server Certificate Working
Group for establishing minimal security standards. Risk analysis will
also be used to provide a better understanding of threats and
vulnerabilities in Certificate Management Systems. This process can be
used to provide better reasoning and justification of existing or future
*4. Participation: *Any member of the SCWG is eligible and may declare
their participation in theNetwork Security Subcommittee by requesting to
be added to the mailing list.
*5. Chair: *Ben Wilson**shall be the initial Chair of the Network
Security Subcommittee.The Subcommittee may change its Chair from time to
time by consensus of the Members participating in the Subcommittee or by
voting method chosen by the Members by consensus.
*6. Communication: *Subcommittee communications and documents shall be
posted on mailing-lists where the mail-archives are publicly accessible,
and the Subcommittee shall publish minutes of its meetings.
*7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees:
*In the event the SCWG Charter or the Forum Bylaws is amended to add
general rules governing Chartered Working Group Subcommittees and how
they operate (?General Rules?), the provisions of the General Rules
shall take precedence over this charter.
*--- MOTION ENDS ---*
The procedure for approval of this ballot is as follows:
*Ballot SC10 ? Establishing the Network Security Subcommittee of the SCWG*
*Start time (22:00 UTC)*
*End time (22:00 UTC)*
Discussion (7 days)
20 September 2018
27 September 2018
Vote for approval (7 days)
27 September 2018
4 October 2018
Additional Information (not part of Ballot)
*5.3.1 Formation of Chartered Working Groups*
(e) CWGs may establish any number of subcommittees within its own
Working Group to address any of such CWG?s business (each, a
?Subcommittee?). A CWG-created Subcommittee needs to be approved by the
CWG itself according to the approval process set forth in the CWG
charter, but approval of the Forum is not necessary. Subcommittees must
exist under an approved CWG.
*Ballot 203: Formation of Network Security Working Group (v2)*
Purpose of Ballot: To form a Network Security Working Group to
re-evaluate the CAB Forum's Network Security Guidelines.
The following motion has been proposed by Gervase Markham of Mozilla and
endorsed by Jeremy Rowley of DigiCert?and Moudrick Dadashov of SSC:
-- MOTION BEGINS ?
In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering
of a new Working Group requires a ballot. This ballot charters the
Network Security Working Group.
The CAB Forum's Network Security Guidelines were adopted in August 2012
but have not been updated since. Significant doubts have been raised as
to their fitness for purpose in 2017. Therefore, the Working Group?s
charter will be as follows:
1. Consider options for revising, replacing or scrapping the Network
1. A report with one or more proposals for the future of the Network
2. For proposals involving replacement, details of the availability and
applicability of the proposed alternative, and what modifications if any
would be needed to it in order to make it suitable for use.
3. For proposals involving revision, details of the revisions that are
deemed necessary and how the document will be kept current in the future.
4. For proposals involving scrapping, an explanation of why this is
preferable to either of the other two options.
5. If there are multiple proposals, optionally a recommendation as to
which one to pursue and an associated timeline.
6. A form of ballot or ballots to implement any recommendations.
The Working Group shall expire once the deliverables have been
completed, or on 2018-06-19, whichever happens first.?The expiry date
given above shall be automatically postponed by 1 year on 2018-05-19
("postponement date") and each anniversary of the postponement date
thereafter unless three or more members separately or jointly request on
the Public Mail List, within one month prior to a particular
postponement date, that expiry of this Working Group not be postponed in
-- MOTION ENDS --
More information about the Servercert-wg