[Servercert-wg] VOTING BEGINS: Ballot SC39v3:

García Jimeno, Oscar o-garcia at izenpe.eus
Thu Feb 4 08:57:10 UTC 2021 

Izenpe votes YES on ballot SC39v3

[cid:image001.png at 01D6FADC.21335650]
ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezuak badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!
ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.

De: Servercert-wg <servercert-wg-bounces at cabforum.org> En nombre de Neil Dunbar via Servercert-wg
Enviado el: martes, 2 de febrero de 2021 15:16
Para: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Asunto: [Servercert-wg] VOTING BEGINS: Ballot SC39v3:

Colleagues,

This begins the voting period for ballot SC39v3: Definition of Critical Vulnerability.

The following motion has been proposed by Neil Dunbar of TrustCor and endorsed by Ben Wilson (Mozilla) and Corey Bonnell (DigiCert).

-- MOTION BEGINS --

This ballot modifies the “Network and Certificate System Security Requirements” based on Version 1.5.

Under the section “Definitions”:

Remove the current definition:

Critical Vulnerability: A system vulnerability that has a CVSS score of 7.0 or higher according to the NVD or an equivalent to such CVSS rating (see http://nvd.nist.gov/home.cfm), or as otherwise designated as a Critical Vulnerability by the CA or the CA/Browser Forum.

Insert a new definition:

Critical Vulnerability: A system vulnerability that has a CVSS v2.0 score of 7.0 or higher according to the NVD or an equivalent to such CVSS rating (see https://nvd.nist.gov/vuln-metrics/cvss), or as otherwise designated as a Critical Vulnerability by the CA or the CA/Browser Forum.

-- MOTION ENDS --

* WARNING *: USE AT YOUR OWN RISK. THE REDLINE BELOW IS NOT THE OFFICIAL VERSION OF THE CHANGES (CABF Bylaws, Section 2.4(a)):

A comparison of the changes can be found at:

https://github.com/cabforum/servercert/compare/2b7720f...neildunbar:61fd381?diff=split

This ballot proposes one Final Maintenance Guideline.

The procedure for approval of this ballot is as follows:

Vote for approval    (7 days)

Start Time: 2020-02-02 1700 UTC
End Time: 2020-02-09 1700 UTC

Regards,

Neil


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210204/555b931a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 66239 bytes
Desc: image001.png
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210204/555b931a/attachment-0001.png>

More information about the Servercert-wg mailing list