[Servercert-wg] Voting period begins: SC-58: require distributionPoint in sharded CRLs
Yoshiro YONEYA
yoshiro.yoneya at jprs.co.jp
Mon Nov 7 06:26:57 UTC 2022
JPRS votes YES to Ballot SC-58.
--
Yoshiro YONEYA <yoshiro.yoneya at jprs.co.jp>
On Mon, 31 Oct 2022 16:15:37 +0000 Aaron Gable via Servercert-wg <servercert-wg at cabforum.org> wrote:
> Purpose of Ballot
>
> Recently, several conversations around the necessity of the
> distributionPoint field (and its containing Issuing Distribution Point
> extension) in sharded CRLs have come to the conclusion that, although the
> distributionPoint field serves an important purpose in defending against
> substitution attacks, RFC 5280's language does not actually require its
> presence.
>
> This ballot augments the Baseline Requirements' CRL Profile to ensure that
> all sharded CRLs contain the distributionPoint field.
>
>
> The following motion has been proposed by Aaron Gable of ISRG / Let's
> Encrypt, and endorsed by Clint Wilson of Apple, Corey Bonnell of DigiCert,
> and Dmitris Zacharopoulos of HARICA.
> Motion Begins
>
> This ballot modifies the “Baseline Requirements for the Issuance and
> Management of Publicly-Trusted Certificates” (“Baseline Requirements”),
> based on Version 1.8.4.
>
>
> MODIFY the Baseline Requirements as specified in the following Redline:
>
> https://github.com/cabforum/servercert/compare/bbca71465ed8a8a76383086039f52c750009286a..348756d64e863c19bcab404671abeeec985d6041
> Motion Ends
>
> This ballot proposes a Final Maintenance Guideline. The procedure for
> approval of this ballot is as follows:
>
>
> Discussion (Completed)
>
> Start time: 2022-10-22 00:00:00 UTC
>
> End time: Not before 2022-10-29 00:00:00 UTC
>
>
> Vote for approval (7 days)
>
> Start time: 2022-10-31 16:00:00 UTC
>
> End time: 2022-11-07 16:00:00 UTC
More information about the Servercert-wg
mailing list