[Servercert-wg] VOTING BEGINS: Ballot SC39v3:

Gholami, Ali ali.gholami at teliacompany.com
Thu Feb 4 09:27:49 UTC 2021 

Telia Company votes YES for ballot SC39v3.

 

Regards, Ali 

 

Ali Gholami

Security Manager |  CPS PA IT Services, Trust Services

 



 

Telia Company

+46760089090

 <mailto:ali.gholami at teliacompany.com> ali.gholami at teliacompany.com

www.teliacompany.com

 

Telia Company AB, Stockholm 556103-4249

 

 

 

From: Servercert-wg <servercert-wg-bounces at cabforum.org> On Behalf Of Neil Dunbar via Servercert-wg
Sent: Tuesday, February 2, 2021 3:16 PM
To: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Subject: [Servercert-wg] VOTING BEGINS: Ballot SC39v3:

 

Colleagues, 

This begins the voting period for ballot SC39v3: Definition of Critical Vulnerability.

The following motion has been proposed by Neil Dunbar of TrustCor and endorsed by Ben Wilson (Mozilla) and Corey Bonnell (DigiCert). 

-- MOTION BEGINS -- 

This ballot modifies the “Network and Certificate System Security Requirements” based on Version 1.5. 

Under the section “Definitions”: 

Remove the current definition: 

Critical Vulnerability: A system vulnerability that has a CVSS score of 7.0 or higher according to the NVD or an equivalent to such CVSS rating (see http://nvd.nist.gov/home.cfm), or as otherwise designated as a Critical Vulnerability by the CA or the CA/Browser Forum.


Insert a new definition: 

Critical Vulnerability: A system vulnerability that has a CVSS v2.0 score of 7.0 or higher according to the NVD or an equivalent to such CVSS rating (see https://nvd.nist.gov/vuln-metrics/cvss), or as otherwise designated as a Critical Vulnerability by the CA or the CA/Browser Forum. 

-- MOTION ENDS -- 

* WARNING *: USE AT YOUR OWN RISK. THE REDLINE BELOW IS NOT THE OFFICIAL VERSION OF THE CHANGES (CABF Bylaws, Section 2.4(a)): 

A comparison of the changes can be found at: 

https://github.com/cabforum/servercert/compare/2b7720f...neildunbar:61fd381?diff=split 

This ballot proposes one Final Maintenance Guideline. 

The procedure for approval of this ballot is as follows: 

Vote for approval    (7 days)


Start Time: 2020-02-02 1700 UTC 
End Time: 2020-02-09 1700 UTC

Regards, 

Neil 

 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210204/e723436f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6471 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210204/e723436f/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6487 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210204/e723436f/attachment-0001.p7s>

More information about the Servercert-wg mailing list