[Servercert-wg] Ballot SC10 ? Establishing the Network Security Subcommittee of the SCWG

Peter Miškovič Peter.Miskovic at disig.sk
Wed Oct 3 09:46:20 MST 2018

Disig votes "YES" on Ballot SC10 Establishing the Network Security Subcommittee of the SCWG


-----Original Message-----
From: Servercert-wg <servercert-wg-bounces at cabforum.org> On Behalf Of servercert-wg-request at cabforum.org
Sent: Thursday, September 20, 2018 6:03 PM
To: servercert-wg at cabforum.org
Subject: Servercert-wg Digest, Vol 3, Issue 52

Send Servercert-wg mailing list submissions to
	servercert-wg at cabforum.org

To subscribe or unsubscribe via the World Wide Web, visit
or, via email, send a message with subject or body 'help' to
	servercert-wg-request at cabforum.org

You can reach the person managing the list at
	servercert-wg-owner at cabforum.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of Servercert-wg digest..."

Today's Topics:
   1. Ballot SC10 ? Establishing the Network Security Subcommittee
      of the SCWG (Dimitris Zacharopoulos)


Message: 1
Date: Thu, 20 Sep 2018 19:02:24 +0300
From: Dimitris Zacharopoulos <jimmy at it.auth.gr>
To: CA/B Forum Server Certificate WG Public Discussion List
	<servercert-wg at cabforum.org>
Subject: [Servercert-wg] Ballot SC10 ? Establishing the Network
	Security Subcommittee of the SCWG
Message-ID: <ebb8b7d6-4310-bc7e-7e16-258d6e9bf8ef at it.auth.gr>
Content-Type: text/plain; charset="utf-8"; Format="flowed"

      *Purpose of Ballot*

The Network Security Working Group of the CA/Browser Forum expired on June 19, 2018 under the terms of Ballot 203 which established the Working Group. The Server Certificate Working Group wishes to establish a Network Security Subcommittee pursuant to Bylaws 5.3.1(e).

The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.



The Server Certificate Working Group hereby establishes the *Network 
Security Subcommittee* as an official Subcommittee.

*1. Mission: *To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: *This Subcommittee shall continue until it is dissolved by 
a vote of the SCWG

*3. Deliverables: *The Network Security Subcommittee shall propose 
ballots to the SCWG to improve the minimal security standards within the 
mission defined above This includes modifying the existing Network and 
Certificate System Security Requirements (NCSSR) or to create new 
requirements, guidelines, or best practices. Among other activities, the 
Network Security Subcommittee shall perform security analysis on typical 
CA Management Systems offering options to the Server Certificate Working 
Group for establishing minimal security standards. Risk analysis will 
also be used to provide a better understanding of threats and 
vulnerabilities in Certificate Management Systems. This process can be 
used to provide better reasoning and justification of existing or future 
security guidelines.

*4. Participation: *Any member of the SCWG is eligible and may declare 
their participation in theNetwork Security Subcommittee by requesting to 
be added to the mailing list.

*5. Chair: *Ben Wilson**shall be the initial Chair of the Network 
Security Subcommittee.The Subcommittee may change its Chair from time to 
time by consensus of the Members participating in the Subcommittee or by 
voting method chosen by the Members by consensus.

*6. Communication: *Subcommittee communications and documents shall be 
posted on mailing-lists where the mail-archives are publicly accessible, 
and the Subcommittee shall publish minutes of its meetings.

*7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: 
*In the event the SCWG Charter or the Forum Bylaws is amended to add 
general rules governing Chartered Working Group Subcommittees and how 
they operate (?General Rules?), the provisions of the General Rules 
shall take precedence over this charter.

*--- MOTION ENDS ---*

The procedure for approval of this ballot is as follows:

*Ballot SC10 ? Establishing the Network Security Subcommittee of the SCWG* 	

*Start time (22:00 UTC)*


*End time (22:00 UTC)*

Discussion (7 days)


20 September 2018


27 September 2018

Vote for approval (7 days)


27 September 2018


4 October 2018

      Additional Information (not part of Ballot)

*Bylaws v1.9*

        *5.3.1 Formation of Chartered Working Groups*

(e) CWGs may establish any number of subcommittees within its own 
Working Group to address any of such CWG?s business (each, a 
?Subcommittee?). A CWG-created Subcommittee needs to be approved by the 
CWG itself according to the approval process set forth in the CWG 
charter, but approval of the Forum is not necessary. Subcommittees must 
exist under an approved CWG.

*Ballot 203: Formation of Network Security Working Group (v2)*

Purpose of Ballot: To form a Network Security Working Group to 
re-evaluate the CAB Forum's Network Security Guidelines.

The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert?and Moudrick Dadashov of SSC:


In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering 
of a new Working Group requires a ballot. This ballot charters the 
Network Security Working Group.

The CAB Forum's Network Security Guidelines were adopted in August 2012 
but have not been updated since. Significant doubts have been raised as 
to their fitness for purpose in 2017. Therefore, the Working Group?s 
charter will be as follows:


1. Consider options for revising, replacing or scrapping the Network 
Security Guidelines.


1. A report with one or more proposals for the future of the Network 
Security Guidelines.

2. For proposals involving replacement, details of the availability and 
applicability of the proposed alternative, and what modifications if any 
would be needed to it in order to make it suitable for use.

3. For proposals involving revision, details of the revisions that are 
deemed necessary and how the document will be kept current in the future.

4. For proposals involving scrapping, an explanation of why this is 
preferable to either of the other two options.

5. If there are multiple proposals, optionally a recommendation as to 
which one to pursue and an associated timeline.

6. A form of ballot or ballots to implement any recommendations.


The Working Group shall expire once the deliverables have been 
completed, or on 2018-06-19, whichever happens first.?The expiry date 
given above shall be automatically postponed by 1 year on 2018-05-19 
("postponement date") and each anniversary of the postponement date 
thereafter unless three or more members separately or jointly request on 
the Public Mail List, within one month prior to a particular 
postponement date, that expiry of this Working Group not be postponed in 
that instance.


More information about the Servercert-wg mailing list