[Servercert-wg] Ballot SC31v2: Browser Alignment

Ryan Sleevi sleevi at google.com
Sun Jun 21 18:58:19 MST 2020


This begins the discussion period for Ballot SC31v2: Browser Alignment

*Purpose of Ballot:*

As a regular part of Root Program maintenance, and reflecting the
independent nature of each Root Programs' needs and requirements, Root
Programs have introduced a number of requirements above and beyond those
captured in the Baseline Requirements. For Root Programs, this approach
results in a lack of certainty, as the requirements are not independently
audited and assessed, unless otherwise provided for. For CAs, this
introduces confusion when applying to have the same CA certificate trusted
by multiple Root Programs, as the effective requirements that the CA and
certificates need to comply with are the union of the most-restrictive
policies.

The following ballot attempts to resolve this uncertainty for Root
Programs, and ambiguity for CAs, by incorporating Root Program-specific
requirements that are either effective or will, in the future, be effective.

This was originally drafted in
https://github.com/sleevi/cabforum-docs/pull/10 , and as a pull request is
available at https://github.com/cabforum/documents/pull/195

The full description, and motivation, of each change, along with the
effective dates, are available at the above pull request.

The following motion has been proposed by Ryan Sleevi of Google and
endorsed by Clint Wilson of Apple and Mike Reilly of Microsoft.

The changes since SC31 v1 can be viewed at
https://github.com/cabforum/documents/compare/90a7dfe95d32ae8c76a4fa55c7b038d4928872c6...1bb3be897213b21d15b837befa885b0ba34bfd3d
.
This corrects "Not applicable" to "No stipulation", updates the
formatting/markup for Pandoc and provides additional example text to the
effective date table for the Chair or Vice-Chair.


*--- MOTION BEGINS ---*
This ballot modifies "Baseline Requirements for the Issuance and Management
of Publicly-Trusted Certificates" ("Baseline Requirements") as follows,
based on Version 1.7.0

MODIFY the Baseline Requirements as defined in the following redline:
https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09...1bb3be897213b21d15b837befa885b0ba34bfd3d

This ballot modifies the “Guidelines for the Issuance and Management of
Extended Validation Certificates” (“EV Guidelines”) as follows, based on
version 1.7.2:

MODIFY the EV Guidelines as defined in the following redline:
https://github.com/cabforum/documents/compare/d5067bbbfb46906c65e476ef3d55dd3b2c505a09...1bb3be897213b21d15b837befa885b0ba34bfd3d

The Chair or Vice-Chair is permitted to update the Relevant Dates of the
Baseline Requirements and the EV Guidelines to reflect these changes.


*--- MOTION ENDS ---*
This ballot proposes two Final Maintenance Guidelines.

The procedure for approval of this ballot is as follows:

Discussion (7+ days)
Start Time: 22-June 2020 02:00 UTC
End Time: 29-June 2020 10:00 UTC

Vote for approval (7 days)
Start Time: TBD
End Time: TBD
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20200621/ac05e688/attachment.html>


More information about the Servercert-wg mailing list