[Servercert-wg] Voting Begins on Ballot SC43 Version 2: Clarify Acceptable Status Codes

Gholami, Ali ali.gholami at teliacompany.com
Tue Apr 6 10:38:51 UTC 2021


Telia votes NO for the ballot SC43 due to the identified error on the
effective date.

 

Best regards, Ali 

 

Ali Gholami

Security Manager |  CPS PA IT Services, Trust Services

 



 

Telia Company

+46760089090

 <mailto:ali.gholami at teliacompany.com> ali.gholami at teliacompany.com

www.teliacompany.com

 

Telia Company AB, Stockholm 556103-4249

 

From: Servercert-wg <servercert-wg-bounces at cabforum.org> On Behalf Of Niko
Carpenter via Servercert-wg
Sent: Thursday, April 1, 2021 6:01 PM
To: CA/B Forum Server Certificate WG Public Discussion List
<servercert-wg at cabforum.org>
Subject: [Servercert-wg] Voting Begins on Ballot SC43 Version 2: Clarify
Acceptable Status Codes

 

Purpose of Ballot:

 

This ballot clarifies the allowed HTTP status codes used for following
redirects in domain validation methods 18 and 19, and specifies that the
target URI must come from the Location response header.

In Section 3.2.2.4.18 and 3.2.2.4.19, it replaces

"Redirects MUST be the result of an HTTP status code result within the 3xx
Redirection class of status codes, as defined in RFC 7231, Section 6.4."
with the following:

 

  * "Redirects MUST be the result of a 301, 302, 307, or 308 HTTP status
code response."

  * "Redirects MUST be to resource URLs contained in the Location HTTP
response header."

 

The following motion has been proposed by Niko Carpenter of SecureTrust and
endorsed by Corey Bonnell of DigiCert and Ryan Sleevi of Google.

 

--MOTION BEGINS--

 

This ballot modifies the "Baseline Requirements for the Issuance and
Management of Publicly-Trusted Certificates" as defined in the following
redline, based on Version 1.7.3:

 

 
<https://scanmail.trustwave.com/?c=4062&d=9LHc4Ck8YCR0KMOI3EcCF7H8pVIBPn0qiN
iZpinsag&s=5&u=https%3a%2f%2fgithub%2ecom%2fcabforum%2fservercert%2fcompare%
2f2b7720f7821764f0ea9d0d583ec5c61896a3f4cd%2e%2ebd7915249a0360a28fe37b785c36
7d70645c7e8f>
https://github.com/cabforum/servercert/compare/2b7720f7821764f0ea9d0d583ec5c
61896a3f4cd..bd7915249a0360a28fe37b785c367d70645c7e8f

 

--MOTION ENDS--

 

This ballot proposes a Final Maintenance Guideline.

 

The procedure for approval of this ballot is as follows:

 

Discussion (7+ days)

 

Start Time: 11-March 2021 21:30 UTC

 

End Time: 01-April 2021 16:00 UTC

 

Vote for approval (7 days)

 

Start Time: 01-April 2021 16:00 UTC

 

End Time: 08-April 2021 16:00 UTC 

 

Niko Carpenter 
Software Engineer

 
<http://scanmail.trustwave.com/?c=4062&d=9LHc4Ck8YCR0KMOI3EcCF7H8pVIBPn0qiIr
O8S3hag&s=5&u=http%3a%2f%2fwww%2esecuretrust%2ecom> www.securetrust.com




2020 Best PCI Compliance Provider Winner - Card Not Present Awards

This transmission may contain information that is privileged, confidential,
and/or exempt from disclosure under applicable law. If you are not the
intended recipient, you are hereby notified that any disclosure, copying,
distribution, or use of the information contained herein (including any
reliance thereon) is STRICTLY PROHIBITED. If you received this transmission
in error, please immediately contact the sender and destroy the material in
its entirety, whether in electronic or hard copy format. 

This transmission may contain information that is privileged, confidential,
and/or exempt from disclosure under applicable law. If you are not the
intended recipient, you are hereby notified that any disclosure, copying,
distribution, or use of the information contained herein (including any
reliance thereon) is STRICTLY PROHIBITED. If you received this transmission
in error, please immediately contact the sender and destroy the material in
its entirety, whether in electronic or hard copy format. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210406/b712fd13/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6471 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210406/b712fd13/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5614 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210406/b712fd13/attachment-0001.p7s>


More information about the Servercert-wg mailing list