[Servercert-wg] Voting Begins on Ballot SC43 Version 2: Clarify Acceptable Status Codes
Neil Dunbar
ndunbar at trustcorsystems.com
Tue Apr 6 10:10:28 UTC 2021
I meant SC43v2, of course. Fat fingering to the left!
Neil
On 06/04/2021 10:30, Neil Dunbar via Servercert-wg wrote:
>
> TrustCor will vote NO on Ballot SC32v2, owing to the effective date
> issue discussed elsewhere.
>
> TrustCor is supportive of both the overall text and intent of this
> ballot and looks forward to voting in favour of a revised text which
> will fix this minor issue.
>
> Best regards,
>
> Neil
>
> On 01/04/2021 17:01, Niko Carpenter via Servercert-wg wrote:
>>
>> Purpose of Ballot:
>>
>> �
>>
>> This ballot clarifies the allowed HTTP status codes used for
>> following redirects in domain validation methods 18 and 19, and
>> specifies that the target URI must come from the Location response
>> header.
>>
>> In Section 3.2.2.4.18 and 3.2.2.4.19, it replaces
>>
>> "Redirects MUST be the result of an HTTP status code result within
>> the 3xx Redirection class of status codes, as defined in RFC 7231,
>> Section 6.4." with the following:
>>
>> �
>>
>> � * "Redirects MUST be the result of a 301, 302, 307, or 308 HTTP
>> status code response."
>>
>> � * "Redirects MUST be to resource URLs contained in the Location
>> HTTP response header."
>>
>> �
>>
>> The following motion has been proposed by Niko Carpenter of
>> SecureTrust and endorsed by Corey Bonnell of DigiCert and Ryan Sleevi
>> of Google.
>>
>> �
>>
>> --MOTION BEGINS--
>>
>> �
>>
>> This ballot modifies the �Baseline Requirements for the Issuance
>> and Management of Publicly-Trusted Certificates� as defined in the
>> following redline, based on Version 1.7.3:
>>
>> �
>>
>> https://github.com/cabforum/servercert/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..bd7915249a0360a28fe37b785c367d70645c7e8f<https://scanmail.trustwave.com/?c=4062&d=9LHc4Ck8YCR0KMOI3EcCF7H8pVIBPn0qiNiZpinsag&s=5&u=https%3a%2f%2fgithub%2ecom%2fcabforum%2fservercert%2fcompare%2f2b7720f7821764f0ea9d0d583ec5c61896a3f4cd%2e%2ebd7915249a0360a28fe37b785c367d70645c7e8f>
>>
>> �
>>
>> --MOTION ENDS--
>>
>> �
>>
>> This ballot proposes a Final Maintenance Guideline.
>>
>> �
>>
>> The procedure for approval of this ballot is as follows:
>>
>> �
>>
>> Discussion (7+ days)
>>
>> �
>>
>> Start Time: 11-March 2021 21:30 UTC
>>
>> �
>>
>> End Time: 01-April 2021 16:00 UTC
>>
>> �
>>
>> Vote for approval (7 days)
>>
>> �
>>
>> Start Time: 01-April 2021 16:00 UTC
>>
>> �
>>
>> End Time: 08-April 2021 16:00 UTC�
>>
>> �
>>
>> *Niko Carpenter�
>> *Software Engineer
>>
>> www.securetrust.com
>> <http://scanmail.trustwave.com/?c=4062&d=9LHc4Ck8YCR0KMOI3EcCF7H8pVIBPn0qiIrO8S3hag&s=5&u=http%3a%2f%2fwww%2esecuretrust%2ecom>
>>
>>
>>
>> /2020 Best PCI Compliance Provider Winner � Card Not Present Awards/
>>
>> This transmission may contain information that is privileged,
>> confidential, and/or exempt from disclosure under applicable law. If
>> you are not the intended recipient, you are hereby notified that any
>> disclosure, copying, distribution, or use of the information
>> contained herein (including any reliance thereon) is STRICTLY
>> PROHIBITED. If you received this transmission in error, please
>> immediately contact the sender and destroy the material in its
>> entirety, whether in electronic or hard copy format.
>>
>> This transmission may contain information that is privileged,
>> confidential, and/or exempt from disclosure under applicable law. If
>> you are not the intended recipient, you are hereby notified that any
>> disclosure, copying, distribution, or use of the information
>> contained herein (including any reliance thereon) is STRICTLY
>> PROHIBITED. If you received this transmission in error, please
>> immediately contact the sender and destroy the material in its
>> entirety, whether in electronic or hard copy format.
>>
>> _______________________________________________
>> Servercert-wg mailing list
>> Servercert-wg at cabforum.org
>> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210406/39342972/attachment-0001.html>
More information about the Servercert-wg
mailing list