[Servercert-wg] Ballot SC10 ? Establishing the Network Security Subcommittee of the SCWG
Chema Lopez
clopez at firmaprofesional.com
Thu Oct 4 01:38:11 MST 2018
Firmaprofesional votes "YES" on Ballot SC10 Establishing the Network
Security Subcommittee of the SCWG
*Chema López GonzálezDirector Área de Innovación, Cumplimiento y
TecnologíaAC Firmaprofesional S.A.*
Av. Torre Blanca, 57.
Edificio ESADECREAPOLIS - Local M2
08173 Sant Cugat del Vallès. Barcelona.
Tel: 93.477.42.45 / 666.429.224
El contenido de este mensaje y de sus anexos es confidencial. Si no es el
destinatario, le hacemos saber que está prohibido utilizarlo, divulgarlo
y/o copiarlo sin tener la autorización correspondiente. Si ha recibido este
mensaje por error, le agradeceríamos que lo haga saber inmediatamente al
remitente y que proceda a destruir el mensaje.
El mié., 3 oct. 2018 a las 18:46, Peter Miškovič via Servercert-wg (<
servercert-wg at cabforum.org>) escribió:
> Disig votes "YES" on Ballot SC10 Establishing the Network Security
> Subcommittee of the SCWG
>
> Regards
> Peter
>
>
> -----Original Message-----
> From: Servercert-wg <servercert-wg-bounces at cabforum.org> On Behalf Of
> servercert-wg-request at cabforum.org
> Sent: Thursday, September 20, 2018 6:03 PM
> To: servercert-wg at cabforum.org
> Subject: Servercert-wg Digest, Vol 3, Issue 52
>
> Send Servercert-wg mailing list submissions to
> servercert-wg at cabforum.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://cabforum.org/mailman/listinfo/servercert-wg
> or, via email, send a message with subject or body 'help' to
> servercert-wg-request at cabforum.org
>
> You can reach the person managing the list at
> servercert-wg-owner at cabforum.org
>
> When replying, please edit your Subject line so it is more specific than
> "Re: Contents of Servercert-wg digest..."
>
>
> Today's Topics:
>
> 1. Ballot SC10 ? Establishing the Network Security Subcommittee
> of the SCWG (Dimitris Zacharopoulos)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 20 Sep 2018 19:02:24 +0300
> From: Dimitris Zacharopoulos <jimmy at it.auth.gr>
> To: CA/B Forum Server Certificate WG Public Discussion List
> <servercert-wg at cabforum.org>
> Subject: [Servercert-wg] Ballot SC10 ? Establishing the Network
> Security Subcommittee of the SCWG
> Message-ID: <ebb8b7d6-4310-bc7e-7e16-258d6e9bf8ef at it.auth.gr>
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>
>
> *Purpose of Ballot*
>
> The Network Security Working Group of the CA/Browser Forum expired on June
> 19, 2018 under the terms of Ballot 203 which established the Working Group.
> The Server Certificate Working Group wishes to establish a Network Security
> Subcommittee pursuant to Bylaws 5.3.1(e).
>
> The following motion has been proposed by Dimitris Zacharopoulos of HARICA
> and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
>
> *
> *
>
> *--- MOTION BEGINS ---*
>
> The Server Certificate Working Group hereby establishes the *Network
> Security Subcommittee* as an official Subcommittee.
>
> *1. Mission: *To improve security policies and practices for Certificate
> Management Systems encoded in the guidelines maintained by the SCWG.
>
> *
> 2. End Date: *This Subcommittee shall continue until it is dissolved by
> a vote of the SCWG
>
> *3. Deliverables: *The Network Security Subcommittee shall propose
> ballots to the SCWG to improve the minimal security standards within the
> mission defined above This includes modifying the existing Network and
> Certificate System Security Requirements (NCSSR) or to create new
> requirements, guidelines, or best practices. Among other activities, the
> Network Security Subcommittee shall perform security analysis on typical
> CA Management Systems offering options to the Server Certificate Working
> Group for establishing minimal security standards. Risk analysis will
> also be used to provide a better understanding of threats and
> vulnerabilities in Certificate Management Systems. This process can be
> used to provide better reasoning and justification of existing or future
> security guidelines.
>
> *4. Participation: *Any member of the SCWG is eligible and may declare
> their participation in theNetwork Security Subcommittee by requesting to
> be added to the mailing list.
>
> *5. Chair: *Ben Wilson**shall be the initial Chair of the Network
> Security Subcommittee.The Subcommittee may change its Chair from time to
> time by consensus of the Members participating in the Subcommittee or by
> voting method chosen by the Members by consensus.
>
> *6. Communication: *Subcommittee communications and documents shall be
> posted on mailing-lists where the mail-archives are publicly accessible,
> and the Subcommittee shall publish minutes of its meetings.
>
> *7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees:
> *In the event the SCWG Charter or the Forum Bylaws is amended to add
> general rules governing Chartered Working Group Subcommittees and how
> they operate (?General Rules?), the provisions of the General Rules
> shall take precedence over this charter.
>
> *--- MOTION ENDS ---*
>
> The procedure for approval of this ballot is as follows:
>
> *Ballot SC10 ? Establishing the Network Security Subcommittee of the
> SCWG*
>
> *Start time (22:00 UTC)*
>
>
>
> *End time (22:00 UTC)*
>
> Discussion (7 days)
>
>
>
> 20 September 2018
>
>
>
> 27 September 2018
>
> Vote for approval (7 days)
>
>
>
> 27 September 2018
>
>
>
> 4 October 2018
>
>
> Additional Information (not part of Ballot)
>
> *Bylaws v1.9*
>
>
> *5.3.1 Formation of Chartered Working Groups*
>
> (e) CWGs may establish any number of subcommittees within its own
> Working Group to address any of such CWG?s business (each, a
> ?Subcommittee?). A CWG-created Subcommittee needs to be approved by the
> CWG itself according to the approval process set forth in the CWG
> charter, but approval of the Forum is not necessary. Subcommittees must
> exist under an approved CWG.
>
>
> *Ballot 203: Formation of Network Security Working Group (v2)*
>
> Purpose of Ballot: To form a Network Security Working Group to
> re-evaluate the CAB Forum's Network Security Guidelines.
>
> The following motion has been proposed by Gervase Markham of Mozilla and
> endorsed by Jeremy Rowley of DigiCert?and Moudrick Dadashov of SSC:
>
> -- MOTION BEGINS ?
>
> In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering
> of a new Working Group requires a ballot. This ballot charters the
> Network Security Working Group.
>
> The CAB Forum's Network Security Guidelines were adopted in August 2012
> but have not been updated since. Significant doubts have been raised as
> to their fitness for purpose in 2017. Therefore, the Working Group?s
> charter will be as follows:
>
> Scope
>
> 1. Consider options for revising, replacing or scrapping the Network
> Security Guidelines.
>
> Deliverables
>
> 1. A report with one or more proposals for the future of the Network
> Security Guidelines.
>
> 2. For proposals involving replacement, details of the availability and
> applicability of the proposed alternative, and what modifications if any
> would be needed to it in order to make it suitable for use.
>
> 3. For proposals involving revision, details of the revisions that are
> deemed necessary and how the document will be kept current in the future.
>
> 4. For proposals involving scrapping, an explanation of why this is
> preferable to either of the other two options.
>
> 5. If there are multiple proposals, optionally a recommendation as to
> which one to pursue and an associated timeline.
>
> 6. A form of ballot or ballots to implement any recommendations.
>
> Expiry
>
> The Working Group shall expire once the deliverables have been
> completed, or on 2018-06-19, whichever happens first.?The expiry date
> given above shall be automatically postponed by 1 year on 2018-05-19
> ("postponement date") and each anniversary of the postponement date
> thereafter unless three or more members separately or jointly request on
> the Public Mail List, within one month prior to a particular
> postponement date, that expiry of this Working Group not be postponed in
> that instance.
>
> -- MOTION ENDS --
>
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> http://cabforum.org/mailman/listinfo/servercert-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20181004/aa6803d0/attachment.html>
More information about the Servercert-wg
mailing list