[Servercert-wg] Ballot SC-066: Fall 2023 Clean-up v3

Inigo Barreira Inigo.Barreira at sectigo.com
Mon Nov 6 15:49:04 UTC 2023

Thanks for the clarification, for me it´s not a problem to leave the NetSec version number as it is now, v1.7, and therefore apply #423 as initially proposed. I will make the correspondent changes and will provide a new version unless someone else speaks up and have a different view or proposal.

OTOH, and FWIW, I´ve seen that while the CS BRs is the same as in the TLS BRs but the SMIME BRs have the version 1.7 "or later".


-----Mensaje original-----
De: Tobias S. Josefowitz <tobij at opera.com>
Enviado el: lunes, 6 de noviembre de 2023 16:30
Para: Inigo Barreira <Inigo.Barreira at sectigo.com>
CC: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Asunto: RE: [Servercert-wg] Ballot SC-066: Fall 2023 Clean-up v3

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Hi Inigo,

On Mon, 6 Nov 2023, Inigo Barreira wrote:

> Not sure what you are requesting, to not consider the issue #423 and
> remove the version number of the NetSec or that this change can´t be
> considered a "clean-up" ballot and should go on a different one. Or
> none of these ?

Both. Let me re-state my original points with all the possible clarity:

First, this seems to be a highly significant change relating to something that has rightly been identified as sensitive around the formation of the NetSec WG.

Second, since this is such a highly significant change, if it were to be made, it should not be made in a "Clean-up" Ballot. (For what it is worth, I do not think that this change should be made at all.)

> When the #423 was discussed, and Dimitris indicated in the proposal,
> was to remove the version numbers to avoid pointing to old or
> deprecated versions because everytime there was a new version of the
> NetSec, the TLS BRs should change/update and point to the new version.
> Dimitris indicated in the text that we could leave the version of the
> NetSec but I think that we agreed during the call to also remove that
> version number. Maybe someone else can clarify or remember what was
> agreed. If it was decided to keep the version number for the NetSec,
> this can be reverted.

I can understand that the significance of this change could easily be missed during a Meeting situation. Luckily we have the opportunity in the Ballot process to address such questions before a Ballot goes to vote.


More information about the Servercert-wg mailing list