[Servercert-wg] VOTING BEGINS: Ballot SC31v3: Browser Alignment

Chema Lopez clopez at firmaprofesional.com
Thu Jul 16 06:14:18 MST 2020

Firmaprofesional votes NO on Ballot SC31 v3, mainly for one reason: a ballot
to add root program provisions to the BRs should only include
non-controversial issues that everyone supports by consensusand not to
include issues previously rejected in other ballots, such as  limiting
certificates to 398 days.

*Chema López*

Director Área Innovación, Cumplimiento y Tecnología

+34 666 429 224

*Barcelona  *Av. Torre Blanca 57, Edif. Esadecreapolis, Local 3B6 - 08173
Sant Cugat del Vallès | +34 934 774 245

*Madrid  *C/ Velázquez 59, 1º Ctro-Izda. - 28001 Madrid | +34 915 762 181


*El contenido de este correo electrónico y de sus anexos es confidencial.
Si usted recibe este mensaje por error, debe saber que está prohibido hacer
uso, divulgación y/o copia del mismo. En tal caso le agradeceríamos que
advierta de inmediato a su remitente y que proceda a destruir el mensaje.*

*Le informamos que, cumpliendo la normativa en materia de protección de
datos, FIRMAPROFESIONAL tratará sus datos con la finalidad de garantizar
las relaciones con la empresa, entidad u organización a la que usted
representa o en la que trabaja y por el período que dure dicha
relación. Podrá ejercer sus derechos de acceso, rectificación, supresión,
limitación, portabilidad y oposición al tratamiento ante el Responsable:
FIRMAPROFESIONAL, S.A., Av. Torre Blanca, 57, local 3B6 (Edificio
Esadecreapolis), 08173 Sant Cugat del Vallès (Barcelona), o bien mediante
correo electrónico a: rgpd at firmaprofesional.com
<rgpd at firmaprofesional.com>, en cualquier caso adjuntando una copia de su
D.N.I. o documento equivalente. Asimismo, podrá formular reclamaciones ante
la Agencia Española de Protección de Datos. Para más información puede
consultar nuestra política de privacidad

> *From: *Servercert-wg <servercert-wg-bounces at cabforum.org> on behalf of
> Ryan Sleevi via Servercert-wg <servercert-wg at cabforum.org>
> *Reply-To: *Ryan Sleevi <sleevi at google.com>, CA/B Forum Server
> Certificate WG Public Discussion List <servercert-wg at cabforum.org>
> *Date: *Thursday, July 9, 2020 at 1:01 PM
> *To: *CA/B Forum Server Certificate WG Public Discussion List <
> servercert-wg at cabforum.org>
> *Subject: *[EXTERNAL][Servercert-wg] VOTING BEGINS: Ballot SC31v3:
> Browser Alignment
> *WARNING:* This email originated outside of Entrust Datacard.
> *DO NOT CLICK* links or attachments unless you trust the sender and know
> the content is safe.
> ------------------------------
> This begins the voting period for Ballot SC31v3: Browser Alignment
> *Purpose of Ballot:*
> As a regular part of Root Program maintenance, and reflecting the
> independent nature of each Root Programs' needs and requirements, Root
> Programs have introduced a number of requirements above and beyond those
> captured in the Baseline Requirements. For Root Programs, this approach
> results in a lack of certainty, as the requirements are not independently
> audited and assessed, unless otherwise provided for. For CAs, this
> introduces confusion when applying to have the same CA certificate trusted
> by multiple Root Programs, as the effective requirements that the CA and
> certificates need to comply with are the union of the most-restrictive
> policies.
> The following ballot attempts to resolve this uncertainty for Root
> Programs, and ambiguity for CAs, by incorporating Root Program-specific
> requirements that are either effective or will, in the future, be effective.
> This was originally drafted in
> https://github.com/sleevi/cabforum-docs/pull/10 , and as a pull request
> is available at https://github.com/cabforum/documents/pull/195
> The full description, and motivation, of each change, along with the
> effective dates, are available at the above pull request.
> The following motion has been proposed by Ryan Sleevi of Google and
> endorsed by Clint Wilson of Apple and Mike Reilly of Microsoft.
> The changes between SC31v1 and SC31v2 can be viewed at
> https://github.com/cabforum/documents/compare/90a7dfe95d32ae8c76a4fa55c7b038d4928872c6...1bb3be897213b21d15b837befa885b0ba34bfd3d .
> This corrects "Not applicable" to "No stipulation", updates the
> formatting/markup for Pandoc and provides additional example text to the
> effective date table for the Chair or Vice-Chair.
> The changes between SC31v2 and SC31v3 can be viewed at
> https://github.com/cabforum/documents/compare/1bb3be897213b21d15b837befa885b0ba34bfd3d...a9a7814da2328c3d3d54d8355eff6fe398354af8 .
> This addresses an issue with certificate suspension for pre-existing,
> non-TLS certificates from TLS-capable subordinate CAs, and attempts to
> clarify the expectations around the use of CRL reason codes by requiring
> they be documented in the CA's CP/CPS. This also shuffles a requirement
> already present in the BRs and the RFCs, regarding Delegated Responders
> being conflated with TLS-capable CAs, into the "Cleanup and Clarification"
> ballot.
> *--- MOTION BEGINS --- *
> This ballot modifies "Baseline Requirements for the Issuance and
> Management of Publicly-Trusted Certificates" ("Baseline Requirements") as
> follows, based on Version 1.7.0
> MODIFY the Baseline Requirements as defined in the following redline:
> https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09...a9a7814da2328c3d3d54d8355eff6fe398354af8
> This ballot modifies the “Guidelines for the Issuance and Management of
> Extended Validation Certificates” (“EV Guidelines”) as follows, based on
> version 1.7.2:
> MODIFY the EV Guidelines as defined in the following redline:
> https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09...a9a7814da2328c3d3d54d8355eff6fe398354af8
> The Chair or Vice-Chair is permitted to update the Relevant Dates of the
> Baseline Requirements and the EV Guidelines to reflect these changes.
> *--- MOTION ENDS --- *
> This ballot proposes two Final Maintenance Guidelines.
> The procedure for approval of this ballot is as follows:
> Discussion (7+ days)
> Start Time: 2-July 2020 00:00 UTC
> End Time: after 9-July 2020 00:00 UTC
> Vote for approval (7 days)
> Start Time: 9-July 2020 17:00 UTC
> End Time: 16-July 2020 17:00 UTC
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20200716/9441d1da/attachment.html>

More information about the Servercert-wg mailing list