[Servercert-wg] Ballot FORUM-4 v2
Dimitris Zacharopoulos
jimmy at it.auth.gr
Sun Sep 16 21:08:02 MST 2018
I agree with Richard. 411-2 is based on 411-1. Here is a previous
discussion on this topic
(https://cabforum.org/mailman/private/management/2016-June/012888.html).
Thanks,
Dimitris.
On 16/9/2018 11:30 μμ, tScheme Technical Director wrote:
>
> Hi Sander,
>
> I believe that the CA Browser forum requirements are all captured in
> 319 411-1 and all 319 411-2 says is that for QCP-w all the relevant
> requirements of 319 411-1 apply – so part 2 adds nothing as far as
> browser program requirements are concerned.
>
> Regards
>
> Richard
>
> ------------------------------------
> Richard Trevorah
> Technical Director
> tScheme Limited
>
> M: +44 (0) 781 809 4728
> F: +44 (0) 870 005 6311
>
> http://www.tscheme.org <http://www.tscheme.org/>
> ------------------------------------
>
> The information in this message and, if present, any attachments are
> intended solely for the attention and use of the named addressee(s).
> The content of this e-mail and its attachments is confidential and may
> be legally privileged. Unless otherwise stated, any use or disclosure
> is unauthorised and may be unlawful.
>
> If you are not the intended recipient, please delete the message and
> any attachments and notify the sender as soon as practicable
>
> *From:*Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf
> Of *Sander Remmerswaal, [Digidentity] via Servercert-wg
> *Sent:* 16 September 2018 20:21
> *To:* Dimitris Zacharopoulos <jimmy at it.auth.gr>; CA/B Forum Server
> Certificate WG Public Discussion List <servercert-wg at cabforum.org>
> *Subject:* Re: [Servercert-wg] Ballot FORUM-4 v2
>
> Hi Dimitris,
>
> Shouldn’t we include ETSI EN 319 411-2 as well (QCP-w: website
> authentication)? Maybe there is a risk of using the old ETSI standards
> but no CAB should use those for a certification assessments.
>
> Regards,
>
> Sander
>
> Sander
>
>
>
>
>
> Remmerswaal
>
>
>
> |
>
>
>
> Chief Security Officer
>
>
>
> | Digidentity BV |
>
>
>
> *Office: +31 (0) 88 778 7878* <tel:%20+31%20%280%2988%207787878>
>
> Waldorpstraat 17p | 2521CA The Hague | The Netherlands |
>
>
>
> Email: *SRemmerswaal at digidentity.com*
> <mailto:SRemmerswaal at digidentity.com>
>
> *From: *Servercert-wg <servercert-wg-bounces at cabforum.org
> <mailto:servercert-wg-bounces at cabforum.org>> on behalf of Dimitris
> Zacharopoulos via Servercert-wg <servercert-wg at cabforum.org
> <mailto:servercert-wg at cabforum.org>>
> *Reply-To: *Dimitris Zacharopoulos <jimmy at it.auth.gr
> <mailto:jimmy at it.auth.gr>>, CA/B Forum Server Certificate WG Public
> Discussion List <servercert-wg at cabforum.org
> <mailto:servercert-wg at cabforum.org>>
> *Date: *Sunday, 16 September 2018 at 20:06
> *To: *InigoBarreira <v-inigo at 360.cn <mailto:v-inigo at 360.cn>>, CA/B
> Forum Server Certificate WG Public Discussion List
> <servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org>>,
> CA/Browser Forum Public Discussion List <public at cabforum.org
> <mailto:public at cabforum.org>>
> *Subject: *Re: [Servercert-wg] Ballot FORUM-4 v2
>
> Hi Inigo,
>
> Tim has withdrawn the changes to ETSI because his main goal is to just
> fix the Bylaws with the language of Ballot 206. The risk of CAs using
> the old TS standards is already very high and we should not wait any
> longer to fix this. I'd be happy to propose a new ballot to fix the
> ETSI language for the Bylaws and the SCWG charter.
>
> I will propose replacing:
>
> "or ETSI TS 102042, ETSI 101456, or ETSI EN 319 411-1"
>
> with "or ETSI EN 319 411-1".
>
> That's the only change I am currently willing to propose/endorse.
> Looking for two endorsers.
>
>
> Thanks,
> Dimitris.
>
> On 14/9/2018 10:06 πμ, InigoBarreira via Servercert-wg wrote:
>
> Tim,
>
> I´d remove all mentions to ETSI TS documents (102 042 and 101 456)
> in all CABF documents. These TSs have not been updated for years,
> they don´t reflect the current requirements of the CABF.
>
> Regards
>
> ------------------------------------------------------------------------
>
> *De:*Servercert-wg [servercert-wg-bounces at cabforum.org
> <mailto:servercert-wg-bounces at cabforum.org>] en nombre de Tim
> Hollebeek via Servercert-wg [servercert-wg at cabforum.org
> <mailto:servercert-wg at cabforum.org>]
> *Enviado:* jueves, 13 de septiembre de 2018 20:46
> *Para:* Tim Hollebeek; CA/Browser Forum Public Discussion List;
> Ryan Sleevi; servercert-wg at cabforum.org
> <mailto:servercert-wg at cabforum.org>
> *Asunto:* Re: [Servercert-wg] Ballot FORUM-4 v2
>
> As discussed on the Validation WG call, this unfortunately is
> probably not going to be possible for this particular ballot. Ben
> did a lot of work to get the current redlined document to
> accurately reflect what the Bylaws were intended to be at this point.
>
> In the attached version 3, I’ve corrected a typo that was left
> behind after I reverted the ETSI changes. I would urge a few
> people to take a close look at it and make sure there are no
> additional errors …
>
> I’ll aim to update the ballot (again, sigh…) once I’ve heard from
> a few people that it looks good based on analysis that is
> independent of mine and Ben’s.
>
> -Tim
>
> *From:*Public <public-bounces at cabforum.org>
> <mailto:public-bounces at cabforum.org> *On Behalf Of *Tim Hollebeek
> via Public
> *Sent:* Thursday, September 13, 2018 9:33 AM
> *To:* Ryan Sleevi <sleevi at google.com> <mailto:sleevi at google.com>;
> servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org>
> *Cc:* CABFPub <public at cabforum.org> <mailto:public at cabforum.org>
> *Subject:* Re: [cabfpub] [Servercert-wg] Ballot FORUM-4 v2
>
> I’m highly sympathetic to that, especially with a document as
> important as the Bylaws. I’ve had the same concern as well as I
> look through Ben’s redline. After looking at it closer on the
> plane last night, I have some concerns about what appear to be
> some changes to cross-references that appear correct, but I’m not
> sure if they’re needed.
>
> I will also note that I have previously pointed out that according
> to the Bylaws, redlines are REQUIRED, but cannot be trusted in any
> way, shape, or form, as our Bylaws clearly state they are ignored
> for the purposed of updating the requirements. Yet everyone seems
> to want to review the redlines, not the ballot text. As I’ve
> pointed out several times, creating an additional representation
> of the changes that is required but cannot be trusted doesn’t help
> anyone.
>
> This is really, really silly, and I wish people were more vocal
> and active in finding a solution to it that works for everyone.
> And no, I don’t want to discuss what tools or processes should be
> used to produce redlines.
>
> Each ballot should have one and only one official representation
> of the proposed changes, and no alternative unofficial changes
> should be required. I’ve circulated several proposals, but I
> really don’t care about the details, as long as the problem is solved.
>
> In this case, I think I’m going to look and see if the Ballot Text
> from 216 applies cleanly to the latest Bylaws, and produce a
> redline based on that.
>
> -Tim
>
> *From:*Ryan Sleevi <sleevi at google.com <mailto:sleevi at google.com>>
> *Sent:* Thursday, September 13, 2018 2:15 AM
> *To:* Tim Hollebeek <tim.hollebeek at digicert.com
> <mailto:tim.hollebeek at digicert.com>>; servercert-wg at cabforum.org
> <mailto:servercert-wg at cabforum.org>
> *Cc:* CABFPub <public at cabforum.org <mailto:public at cabforum.org>>
> *Subject:* Re: [Servercert-wg] Ballot FORUM-4 v2
>
> Tim,
>
> I believe there had been a previous suggestion to provide this as
> a clearer redline, rather than an "Adopt Document X". Can you
> clarify that?
>
> By presenting it as you have, it's going to create more work to
> even make sure that the formatting of the document - claiming to
> be a redline - actually matches to the last canonical version, and
> that the changes you've highlighted in red, are, well the changes
> to be made.
>
> I hope you can understand why that's more difficult, because it
> requires wholesale comparison rather than taking the previous
> version and showing how it would be corrected.
>
> On Wed, Sep 12, 2018 at 9:20 PM Tim Hollebeek via Servercert-wg
> <servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org>>
> wrote:
>
> Ballot FORUM-4 v2: Fix mistakes made during passage of
> Governance Reform Ballot 206
>
> Purpose of Ballot
>
> The Governance Reform ballot (Ballot 206 under the old ballot
> numbering scheme) was extremely complicated and took roughly
> two years to draft.
>
> The changes to the Bylaws from Ballot 216 were intended to be
> included in the Governance Reform ballot, but were
> accidentally not included.
>
> The attached version of the Bylaws restores the important
> discussion period changes that were approved by the members
> but then accidentally overwritten.
>
> The following motion has been proposed by Tim Hollebeek of
> DigiCert and endorsed by Wayne Thayer of Mozilla and Moudrick
> Dadashov of SSC.
>
> --- MOTION BEGINS ---
>
> This ballot replaces the “Bylaws of the CA/Browser Forum”
> version 1.9 with version 2.0 of those Bylaws, attached to this
> ballot.
>
> --- MOTION ENDS ---
>
> The procedure for approval of this ballot is as follows:
>
> Discussion (7 days)
>
> Start Time: 2018-09-12, 9:30 pm Eastern Time
>
> End Time: 2018-09-19, 9:30 pm Eastern Time
>
> Vote for approval (7 days)
>
> Start Time: 2018-09-19, 9:30 pm Eastern Time
>
> End Time: 2018-09-26, 9:30 pm Eastern Time
>
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org <mailto:Servercert-wg at cabforum.org>
> http://cabforum.org/mailman/listinfo/servercert-wg
> <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=01%7C01%7C%7Cb96051caafac4f0bd56a08d61bff280a%7Cc45b48f313bb448b9356ba7b863c2189%7C1&sdata=5bAzVRlDwTCnHywgiPr7%2B%2BTz2FGN8aftUw2TdX2Nt20%3D&reserved=0>
>
>
>
> _______________________________________________
>
> Servercert-wg mailing list
>
> Servercert-wg at cabforum.org <mailto:Servercert-wg at cabforum.org>
>
> http://cabforum.org/mailman/listinfo/servercert-wg
> <https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=01%7C01%7C%7Cb96051caafac4f0bd56a08d61bff280a%7Cc45b48f313bb448b9356ba7b863c2189%7C1&sdata=5bAzVRlDwTCnHywgiPr7%2B%2BTz2FGN8aftUw2TdX2Nt20%3D&reserved=0>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20180917/68b3f3c7/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 9864 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20180917/68b3f3c7/attachment-0001.png>
More information about the Servercert-wg
mailing list