[Servercert-wg] Ballot FORUM-4 v2

tScheme Technical Director richard.trevorah at tscheme.org
Sun Sep 16 13:30:10 MST 2018


Hi Sander,

 

I believe that the CA Browser forum requirements are all captured in 319 411-1 and all 319 411-2 says is that for QCP-w all the relevant requirements of 319 411-1 apply – so part 2 adds nothing as far as browser program requirements are concerned.

 

Regards

Richard

------------------------------------
Richard Trevorah
Technical Director
tScheme Limited

M: +44 (0) 781 809 4728
F: +44 (0) 870 005 6311

http://www.tscheme.org <http://www.tscheme.org/> 
------------------------------------

The information in this message and, if present, any attachments are intended solely for the attention and use of the named addressee(s). The content of this e-mail and its attachments is confidential and may be legally privileged. Unless otherwise stated, any use or disclosure is unauthorised and may be unlawful.

If you are not the intended recipient, please delete the message and any attachments and notify the sender as soon as practicable

 

 

 

From: Servercert-wg <servercert-wg-bounces at cabforum.org> On Behalf Of Sander Remmerswaal, [Digidentity] via Servercert-wg
Sent: 16 September 2018 20:21
To: Dimitris Zacharopoulos <jimmy at it.auth.gr>; CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Subject: Re: [Servercert-wg] Ballot FORUM-4 v2

 

Hi Dimitris,

 

Shouldn’t we include ETSI EN 319 411-2 as well (QCP-w: website authentication)? Maybe there is a risk of using the old ETSI standards but no CAB should use those for a certification assessments. 

 

Regards,

 

Sander

 

 

 





Sander​

 

Remmerswaal

 | 

Chief Security Officer

 | Digidentity BV | 

 <tel:%20+31%20(0)88%207787878> Office: +31 (0) 88 778 7878




Waldorpstraat 17p | 2521CA The Hague | The Netherlands | 

Email:  <mailto:SRemmerswaal at digidentity.com> SRemmerswaal at digidentity.com





From: Servercert-wg <servercert-wg-bounces at cabforum.org <mailto:servercert-wg-bounces at cabforum.org> > on behalf of Dimitris Zacharopoulos via Servercert-wg <servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> >
Reply-To: Dimitris Zacharopoulos <jimmy at it.auth.gr <mailto:jimmy at it.auth.gr> >, CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> >
Date: Sunday, 16 September 2018 at 20:06
To: InigoBarreira <v-inigo at 360.cn <mailto:v-inigo at 360.cn> >, CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> >, CA/Browser Forum Public Discussion List <public at cabforum.org <mailto:public at cabforum.org> >
Subject: Re: [Servercert-wg] Ballot FORUM-4 v2

 

Hi Inigo,

Tim has withdrawn the changes to ETSI because his main goal is to just fix the Bylaws with the language of Ballot 206. The risk of CAs using the old TS standards is already very high and we should not wait any longer to fix this. I'd be happy to propose a new ballot to fix the ETSI language for the Bylaws and the SCWG charter.

I will propose replacing:

"or ETSI TS 102042, ETSI 101456, or ETSI EN 319 411-1"

with "or ETSI EN 319 411-1". 

That's the only change I am currently willing to propose/endorse. Looking for two endorsers.


Thanks,
Dimitris.



On 14/9/2018 10:06 πμ, InigoBarreira via Servercert-wg wrote:

Tim,

 

I´d remove all mentions to ETSI TS documents (102 042 and 101 456) in all CABF documents. These TSs have not been updated for years, they don´t reflect the current requirements of the CABF.

 

Regards


  _____  


De: Servercert-wg [servercert-wg-bounces at cabforum.org <mailto:servercert-wg-bounces at cabforum.org> ] en nombre de Tim Hollebeek via Servercert-wg [servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> ]
Enviado: jueves, 13 de septiembre de 2018 20:46
Para: Tim Hollebeek; CA/Browser Forum Public Discussion List; Ryan Sleevi; servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> 
Asunto: Re: [Servercert-wg] Ballot FORUM-4 v2

As discussed on the Validation WG call, this unfortunately is probably not going to be possible for this particular ballot.  Ben did a lot of work to get the current redlined document to accurately reflect what the Bylaws were intended to be at this point.

 

In the attached version 3, I’ve corrected a typo that was left behind after I reverted the ETSI changes.  I would urge a few people to take a close look at it and make sure there are no additional errors …

 

I’ll aim to update the ballot (again, sigh…) once I’ve heard from a few people that it looks good based on analysis that is independent of mine and Ben’s.

 

-Tim

 

From: Public  <mailto:public-bounces at cabforum.org> <public-bounces at cabforum.org> On Behalf Of Tim Hollebeek via Public
Sent: Thursday, September 13, 2018 9:33 AM
To: Ryan Sleevi  <mailto:sleevi at google.com> <sleevi at google.com>; servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> 
Cc: CABFPub  <mailto:public at cabforum.org> <public at cabforum.org>
Subject: Re: [cabfpub] [Servercert-wg] Ballot FORUM-4 v2

 

I’m highly sympathetic to that, especially with a document as important as the Bylaws.  I’ve had the same concern as well as I look through Ben’s redline.  After looking at it closer on the plane last night, I have some concerns about what appear to be some changes to cross-references that appear correct, but I’m not sure if they’re needed.

 

I will also note that I have previously pointed out that according to the Bylaws, redlines are REQUIRED, but cannot be trusted in any way, shape, or form, as our Bylaws clearly state they are ignored for the purposed of updating the requirements.  Yet everyone seems to want to review the redlines, not the ballot text.  As I’ve pointed out several times, creating an additional representation of the changes that is required but cannot be trusted doesn’t help anyone.

 

This is really, really silly, and I wish people were more vocal and active in finding a solution to it that works for everyone.  And no, I don’t want to discuss what tools or processes should be used to produce redlines.

 

Each ballot should have one and only one official representation of the proposed changes, and no alternative unofficial changes should be required.  I’ve circulated several proposals, but I really don’t care about the details, as long as the problem is solved.

 

In this case, I think I’m going to look and see if the Ballot Text from 216 applies cleanly to the latest Bylaws, and produce a redline based on that.

 

-Tim

 

From: Ryan Sleevi <sleevi at google.com <mailto:sleevi at google.com> > 
Sent: Thursday, September 13, 2018 2:15 AM
To: Tim Hollebeek <tim.hollebeek at digicert.com <mailto:tim.hollebeek at digicert.com> >; servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> 
Cc: CABFPub <public at cabforum.org <mailto:public at cabforum.org> >
Subject: Re: [Servercert-wg] Ballot FORUM-4 v2

 

Tim,

 

I believe there had been a previous suggestion to provide this as a clearer redline, rather than an "Adopt Document X". Can you clarify that?

 

By presenting it as you have, it's going to create more work to even make sure that the formatting of the document - claiming to be a redline - actually matches to the last canonical version, and that the changes you've highlighted in red, are, well the changes to be made.

 

I hope you can understand why that's more difficult, because it requires wholesale comparison rather than taking the previous version and showing how it would be corrected.

 

On Wed, Sep 12, 2018 at 9:20 PM Tim Hollebeek via Servercert-wg <servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> > wrote:

Ballot FORUM-4 v2: Fix mistakes made during passage of Governance Reform Ballot 206

 

Purpose of Ballot

 

The Governance Reform ballot (Ballot 206 under the old ballot numbering scheme) was extremely complicated and took roughly two years to draft. 

The changes to the Bylaws from Ballot 216 were intended to be included in the Governance Reform ballot, but were accidentally not included.

 

The attached version of the Bylaws restores the important discussion period changes that were approved by the members but then accidentally overwritten.

 

The following motion has been proposed by Tim Hollebeek of DigiCert and endorsed by Wayne Thayer of Mozilla and Moudrick Dadashov of SSC.

 

--- MOTION BEGINS ---

 

This ballot replaces the “Bylaws of the CA/Browser Forum” version 1.9 with version 2.0 of those Bylaws, attached to this ballot.

 

--- MOTION ENDS ---

 

The procedure for approval of this ballot is as follows:

 

Discussion (7 days)

 

Start Time: 2018-09-12, 9:30 pm Eastern Time

 

End Time: 2018-09-19, 9:30 pm Eastern Time

 

Vote for approval (7 days)

 

Start Time: 2018-09-19, 9:30 pm Eastern Time

 

End Time: 2018-09-26, 9:30 pm Eastern Time

 

_______________________________________________
Servercert-wg mailing list
Servercert-wg at cabforum.org <mailto:Servercert-wg at cabforum.org> 
http://cabforum.org/mailman/listinfo/servercert-wg <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=01%7C01%7C%7Cb96051caafac4f0bd56a08d61bff280a%7Cc45b48f313bb448b9356ba7b863c2189%7C1&sdata=5bAzVRlDwTCnHywgiPr7%2B%2BTz2FGN8aftUw2TdX2Nt20%3D&reserved=0> 





_______________________________________________
Servercert-wg mailing list
Servercert-wg at cabforum.org <mailto:Servercert-wg at cabforum.org> 
http://cabforum.org/mailman/listinfo/servercert-wg <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=01%7C01%7C%7Cb96051caafac4f0bd56a08d61bff280a%7Cc45b48f313bb448b9356ba7b863c2189%7C1&sdata=5bAzVRlDwTCnHywgiPr7%2B%2BTz2FGN8aftUw2TdX2Nt20%3D&reserved=0> 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20180916/0373955f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 9864 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20180916/0373955f/attachment-0001.png>


More information about the Servercert-wg mailing list