[Servercert-wg] Voting Begins on Ballot SC43 Version 2: Clarify Acceptable Status Codes

Ben Wilson bwilson at mozilla.com
Wed Apr 7 00:45:36 UTC 2021


Mozilla withdraws its vote.

On Tue, Apr 6, 2021 at 6:00 PM Aaron Gable via Servercert-wg <
servercert-wg at cabforum.org> wrote:

> Let's Encrypt / ISRG changes our vote to No due to the aforementioned
> Effective Date issue, and looks forward to this ballot being re-issued.
>
> On Thu, Apr 1, 2021 at 10:12 AM Aaron Gable <aaron at letsencrypt.org> wrote:
>
>> Let's Encrypt / ISRG votes yes on SC43v2.
>>
>> Aaron
>>
>> On Thu, Apr 1, 2021 at 9:01 AM Niko Carpenter via Servercert-wg <
>> servercert-wg at cabforum.org> wrote:
>>
>>> Purpose of Ballot:
>>>
>>>
>>>
>>> This ballot clarifies the allowed HTTP status codes used for following
>>> redirects in domain validation methods 18 and 19, and specifies that the
>>> target URI must come from the Location response header.
>>>
>>> In Section 3.2.2.4.18 and 3.2.2.4.19, it replaces
>>>
>>> "Redirects MUST be the result of an HTTP status code result within the
>>> 3xx Redirection class of status codes, as defined in RFC 7231, Section
>>> 6.4." with the following:
>>>
>>>
>>>
>>>   * "Redirects MUST be the result of a 301, 302, 307, or 308 HTTP status
>>> code response."
>>>
>>>   * "Redirects MUST be to resource URLs contained in the Location HTTP
>>> response header."
>>>
>>>
>>>
>>> The following motion has been proposed by Niko Carpenter of SecureTrust
>>> and endorsed by Corey Bonnell of DigiCert and Ryan Sleevi of Google.
>>>
>>>
>>>
>>> --MOTION BEGINS--
>>>
>>>
>>>
>>> This ballot modifies the “Baseline Requirements for the Issuance and
>>> Management of Publicly-Trusted Certificates” as defined in the following
>>> redline, based on Version 1.7.3:
>>>
>>>
>>>
>>>
>>> https://github.com/cabforum/servercert/compare/2b7720f7821764f0ea9d0d583ec5c61896a3f4cd..bd7915249a0360a28fe37b785c367d70645c7e8f
>>> <https://scanmail.trustwave.com/?c=4062&d=9LHc4Ck8YCR0KMOI3EcCF7H8pVIBPn0qiNiZpinsag&s=5&u=https%3a%2f%2fgithub%2ecom%2fcabforum%2fservercert%2fcompare%2f2b7720f7821764f0ea9d0d583ec5c61896a3f4cd%2e%2ebd7915249a0360a28fe37b785c367d70645c7e8f>
>>>
>>>
>>>
>>> --MOTION ENDS--
>>>
>>>
>>>
>>> This ballot proposes a Final Maintenance Guideline.
>>>
>>>
>>>
>>> The procedure for approval of this ballot is as follows:
>>>
>>>
>>>
>>> Discussion (7+ days)
>>>
>>>
>>>
>>> Start Time: 11-March 2021 21:30 UTC
>>>
>>>
>>>
>>> End Time: 01-April 2021 16:00 UTC
>>>
>>>
>>>
>>> Vote for approval (7 days)
>>>
>>>
>>>
>>> Start Time: 01-April 2021 16:00 UTC
>>>
>>>
>>>
>>> End Time: 08-April 2021 16:00 UTC
>>>
>>>
>>>
>>>
>>> *Niko Carpenter  *Software Engineer
>>>
>>> www.securetrust.com
>>> <http://scanmail.trustwave.com/?c=4062&d=9LHc4Ck8YCR0KMOI3EcCF7H8pVIBPn0qiIrO8S3hag&s=5&u=http%3a%2f%2fwww%2esecuretrust%2ecom>
>>>
>>>
>>>
>>> *2020 Best PCI Compliance Provider Winner – Card Not Present Awards*
>>>
>>> This transmission may contain information that is privileged,
>>> confidential, and/or exempt from disclosure under applicable law. If you
>>> are not the intended recipient, you are hereby notified that any
>>> disclosure, copying, distribution, or use of the information contained
>>> herein (including any reliance thereon) is STRICTLY PROHIBITED. If you
>>> received this transmission in error, please immediately contact the sender
>>> and destroy the material in its entirety, whether in electronic or hard
>>> copy format.
>>> This transmission may contain information that is privileged,
>>> confidential, and/or exempt from disclosure under applicable law. If you
>>> are not the intended recipient, you are hereby notified that any
>>> disclosure, copying, distribution, or use of the information contained
>>> herein (including any reliance thereon) is STRICTLY PROHIBITED. If you
>>> received this transmission in error, please immediately contact the sender
>>> and destroy the material in its entirety, whether in electronic or hard
>>> copy format.
>>> _______________________________________________
>>> Servercert-wg mailing list
>>> Servercert-wg at cabforum.org
>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>>>
>> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210406/fb71bdc2/attachment-0001.html>


More information about the Servercert-wg mailing list