[Servercert-wg] Discussion Period Begins on Ballot SC47: Sunset subject:organizationalUnitName

Thu Jun 10 21:23:07 UTC 2021

Hey Paul,

Sorry I missed this during the earlier review, but just double checking:
Your intent is that a certificate issued on 2022-08-31 00:00:01 MUST NOT
have an OU, right?

That's what the current language means (Section 1.6.4 of the BRs), but
based on the past discussion, I didn't *think* that was your intent, and
wanted to make sure to clarify so that no one got confused.

If that wasn't, and you wanted it to apply no earlier than 2022-09-01, then
the wording should be "issued on or after September 1, 2022"

If you do find yourself needing to change the language (to reflect that you
want it to be allowed on August 31, but not September 1), then I'd suggest
that 9.2.7 of the EVG should, similar to 9.2.6, explicitly reference the
BRs for Required/Optional, rather than attempt to restate (potentially
conflicting) language.

I left the above comments as suggested edits in the Pull Request.

On Thu, Jun 10, 2021 at 9:01 AM Paul van Brouwershaven via Servercert-wg <
servercert-wg at cabforum.org> wrote:

> This email begins the discussion period for Ballot SC47: Sunset
> subject:organizationalUnitName
>
> Purpose of Ballot:
>
> This Ballot sets a sunset date for the `subject:organizationalUnitName` as
> several earlier attempts to strengthen the validation failed to gain
> consensus.
>
> The following motion has been proposed by Paul van Brouwershaven of
> Entrust and endorsed by Ben Wilson of Mozilla and Chema Lopez of
> Firmaprofesional.
>
> It can be viewed on GitHub as
> https://github.com/cabforum/servercert/pull/282
>
> ===== MOTION BEGINS =====
>
> This ballot modifies the “Baseline Requirements for the Issuance and
> Management of Publicly-Trusted Certificates” (“Baseline Requirements”),
> based on Version 1.7.6:
>
> MODIFY the Baseline Requirements as specified in the following Redline:
>
>
> https://github.com/cabforum/servercert/compare/cf4e17a43977dcf7cb9c9e41efd2df4be4707e13...a70e85f256ee01fbfc6625f667305b4e3fb7fee9
>
> This ballot modifies the “Guidelines for the Issuance and Management of
> Extended Validation Certificates” (“EV Guidelines”) as follows, based on
> Version 1.7.6:
>
> MODIFY the EV Guidelines as defined in the following redline:
>
>
> https://github.com/cabforum/servercert/compare/cf4e17a43977dcf7cb9c9e41efd2df4be4707e13...a70e85f256ee01fbfc6625f667305b4e3fb7fee9
>
> ===== MOTION ENDS =====
>
> This ballot proposes a Final Maintenance Guideline.
>
> The procedure for approval of this ballot is as follows:
>
> Discussion (7+ days)
>
> Start Time: 2021-06-10 13:00:00 UTC
> End Time: 2021-06-17 13:00:00 UTC
>
> Vote for approval (7 days)
>
> Start Time: TBD
> End Time: TBD
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20210610/1d9ad3a4/attachment-0001.html>