[Servercert-wg] Ballots SC20 and SC21

Tobias S. Josefowitz tobij at opera.com
Thu May 30 16:44:49 MST 2019

On Thu, 30 May 2019, Tobias S. Josefowitz wrote:

> On Thu, 30 May 2019, Ryan Sleevi via Servercert-wg wrote:


>>  As noted, the math here shows the worst case is now the 'minimum'
>>  requirement under this proposal. The existing requirements, while sharing
>>  the 'worst' case, have a significantly better 'best' case, which is more
>>  auditable as such.
> Well, except, how do you systematically *not* detect an issue in your 
> configuration for six days? If you have to detect within seven days, I would 
> suppose you have to check ... within seven days, i.e. at least weekly, and 
> once you detect, you detected.

Ryan, is it in fact possible that you intepret 1h to mean that CAs should 
review configuration changes they make intentionally/knowingly and within 
their regular processes?

The interpretation underlying SC20, at least as far as I am concerned, is 
that the objective is to first and foremost detect configuration changes 
that somehow "sneaked in", i.e. a software update changing configuration 
(would likely leave the changed config in violation of policy), staff not 
following the CAs internal process (really should be a policy violation), 
rogue staff (hopefully really would also be a violation of a CA's 
policies) or outright adversarial action (also, hopefully, against policy 
in and by itself).

More information about the Servercert-wg mailing list