[Servercert-wg] Voting Period Begins - Ballot SC-062 V2: Certificate Profiles Update
Yoshiro YONEYA
yoshiro.yoneya at jprs.co.jp
Tue Mar 14 17:48:50 UTC 2023
JPRS votes YES to Ballot SC-062 V2.
--
Yoshiro YONEYA <yoshiro.yoneya at jprs.co.jp>
On Thu, 9 Mar 2023 19:00:26 +0000 Ryan Dickson via Servercert-wg <servercert-wg at cabforum.org> wrote:
> Purpose of Ballot SC-062 V2
>
> Over the past three years, members of the Server Certificate Working Group
> Validation Subcommittee have collaborated on an update to the Baseline
> Requirements for the Issuance and Management of Publicly-Trusted
> Certificates focused on improving the clarity of Section 7 (“Certificate,
> CRL, and OCSP Profiles”).
>
> The update:
>
> 1.
>
> better aligns certificate content expectations across certificate
> issuers and consumers,
> 2.
>
> reduces the opportunity for confusion resulting from the absence of a
> more precise certificate profile specification, and
> 3.
>
> promotes more consistent and reliable implementations across the
> ecosystem.
>
>
> While most of the proposed updates focus on Section 7, changes were not
> limited to only this section.
>
> Technical discussion related to the proposed changes, along with high-level
> change summaries have been documented in:
>
> -
>
> open GitHub pull requests (originally here
> <https://github.com/sleevi/cabforum-docs/pull/36>, and more recently here
> <https://github.com/cabforum/servercert/pull/373>),
> -
>
> several closed GitHub pull requests made against the “profiles
> <https://github.com/cabforum/servercert/tree/profiles>” branch of the
> servercert GitHub repository (most recently here
> <https://github.com/cabforum/servercert/pull/418>), and
> -
>
> Validation Subcommittee meeting minutes (to include sessions held at
> Face-to-Face meetings).
>
>
> Due to a small number of changes proposed in the ballot that is otherwise
> focused on clarifying existing requirements, an “all-encompassing”
> effective date makes these changes normative beginning 2023-09-15.
>
> The following motion has been proposed by Ryan Dickson of Google and
> endorsed by Clint Wilson of Apple and Dimitris Zacharopoulos of HARICA.
>
>
> ― Motion Begins ―
>
> This ballot modifies the “Baseline Requirements for the Issuance and
> Management of Publicly-Trusted Certificates” (“Baseline Requirements”),
> based on Version 1.8.6.
>
> Notes:
>
> -
>
> Upon beginning discussion for SC-62 V2 on 2/17, Version 1.8.6 was the
> latest approved version of the BRs. During the discussion period, the SC-61
> V4 vote was approved
> <https://lists.cabforum.org/pipermail/servercert-wg/2023-February/003600.html>,
> incrementing the soon to be latest version of the BRs to 1.8.7. These
> changes are in the process of being merged into the main Github repository.
> -
>
> The changes introduced in SC-62 V2
> <https://github.com/cabforum/servercert/compare/e87bc5fcf35f533e58899311e538e6ffe959102e>
> do not conflict with those added in SC-61 V4
> <https://github.com/cabforum/servercert/compare/2c63814fa7f9f7c477c74a6bfbeb57e0fcc5dd5b..aa9fc5d0b2b59504a31638e880cb81c69aefa018>
> .
> -
>
> As observed with other ballots in the past, minor administrative updates
> must be made to the proposed ballot text before publication such that the
> appropriate Version # and Change History are accurately represented (e.g.,
> to indicate these changes will be represented in Version 1.8.8).
>
>
> MODIFY the Baseline Requirements as specified in the following Redline:
> https://github.com/cabforum/servercert/compare/2c63814fa7f9f7c477c74a6bfbeb57e0fcc5dd5b..aa9fc5d0b2b59504a31638e880cb81c69aefa018
>
>
>
> ― Motion Ends ―
>
>
> This ballot proposes a Final Maintenance Guideline. The procedure for
> approval of this ballot is as follows:
>
> Discussion (11+ days)
>
> -
>
> Start time: 2023-02-17 19:00:00 UTC
> -
>
> End time: 2023-03-09 18:59:00 UTC
>
>
> Vote for approval (7 days)
>
> -
>
> Start time: 2023-03-09 19:00:00 UTC
> -
>
> End time: 2023-03-16 19:00:00 UTC
More information about the Servercert-wg
mailing list