[Servercert-wg] Draft Ballot for Cleanups

Ryan Sleevi sleevi at google.com
Thu Oct 17 17:14:08 MST 2019

On Thu, Oct 17, 2019 at 7:59 PM Jacob Hoffman-Andrews via Servercert-wg <
servercert-wg at cabforum.org> wrote:

> I'm working my way through the diffs, and overall this looks great. Thanks
> for putting it together. I do notice there's one important Effective Date
> that's in the past but you haven't removed: 1 July 2012, the overall
> effective date of the BRs. Is there any reason not to remove this one as
> well?

Nope! No strong view.

> There are also some effective dates in 6.1.5. Key Sizes, such as "Validity
> period ending on or before 31 Dec 2013 / Validity period ending after 31
> Dec 2013" (for Subscriber certificates). I think we can get rid of that one
> (but not necessarily the ones for Root CA Certificates and Subordinate CA
> Certificates, because those can have very long lifetimes).

Er, I'm looking at
and 6.1.5 and not seeing that. That is,
to comprehensively fix that (minus a little formatting snafu the next one

> In the same vein, 4.2.2. Approval or Rejection of Certificate Applications
> has a long section that starts with: "CAs SHOULD NOT issue Certificates
> containing a new gTLD under consideration by ICANN." I believe this whole
> section is irrelevant since 2015, because gTLDs that don't yet exist are
> "Internal Names" (i.e. not rooted in the global DNS), and are forbidden for
> that reason. We can remove the whole section and replace the first sentence
> with a MUST NOT. But this should probably be a separate ballot because it
> touches a fair bit of normative language.

Same question - wrong branch?
have covered that?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191017/00bdb7f6/attachment-0001.html>

More information about the Servercert-wg mailing list