[Servercert-wg] Seeking endorsers: Ballot SC-XX: Measure all hours and days to the second

Aaron Gable aaron at letsencrypt.org
Mon Jan 8 18:41:35 UTC 2024 

I've simplified the phrasing further, it feels much less legalese now. Let
me know what you think!

Thanks again,
Aaron

On Thu, Jan 4, 2024 at 2:29 PM Tim Hollebeek <tim.hollebeek at digicert.com>
wrote:

> Yes, there’s a fair amount of legal puffery in the existing BRs (and
> especially the EVGs) … it’s one of the common causes of lack of clarity,
> rather than clarity.  I’d prefer to see it slowly removed over time and
> replaced with clear, straight-forward language that’s easy for non-native
> speakers to read and comply with.  Obviously much easier said than done,
> though.
>
>
>
> That’s one of the dangers of this sort of exercise: we tend to add words
> and nuance as if it’s making things better … but one thing I’ve slowly
> learned over the years is that more words do not necessarily lead to
> increased clarity.
>
>
>
> -Tim
>
>
>
> *From:* Aaron Gable <aaron at letsencrypt.org>
> *Sent:* Thursday, January 4, 2024 5:17 PM
> *To:* Tim Hollebeek <tim.hollebeek at digicert.com>
> *Cc:* CA/B Forum Server Certificate WG Public Discussion List <
> servercert-wg at cabforum.org>
> *Subject:* Re: [Servercert-wg] Seeking endorsers: Ballot SC-XX: Measure
> all hours and days to the second
>
>
>
> Fair enough! I was aiming for the same style of "reasonable person" as is
> often found in legal texts, since I had some concern that someone might try
> to use this phrasing to interpret "11 months" as "11 x 28 = 308 days",
> which would be a potential minimum value but not one that a reasonable
> person would assert. I welcome additional help refining this phrasing.
>
>
>
> Thanks,
>
> Aaron
>
>
>
> On Thu, Jan 4, 2024 at 12:59 PM Tim Hollebeek <tim.hollebeek at digicert.com>
> wrote:
>
> You don’t want to call out “reasonableness” unless you’re actually going
> to let people use their discretion.
>
>
>
> The first new sentence, as I read it, could be rewritten as: “All
> statements of time periods SHALL be taken to mean exactly that time period,
> and not one microsecond more.”
>
>
>
> That is very clear, but it is not the only reasonable interpretation.
> Claiming the “minimum” interpretation is the only “reasonable” one is a bit
> more opinionated and pejorative than is necessary.  It also doesn’t add
> anything.
>
>
>
> -Tim
>
>
>
> *From:* Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf Of *Aaron
> Gable via Servercert-wg
> *Sent:* Thursday, January 4, 2024 1:06 PM
> *To:* CA/B Forum Server Certificate WG Public Discussion List <
> servercert-wg at cabforum.org>
> *Subject:* Re: [Servercert-wg] Seeking endorsers: Ballot SC-XX: Measure
> all hours and days to the second
>
>
>
> Hi all,
>
>
>
> Thanks for the great discussion in the ServerCert WG call this morning!
>
>
>
> I have updated this draft ballot to attempt to use Clint's language around
> interpreting time periods to be their minimum value. Please take a look!
>
>
>
> https://github.com/cabforum/servercert/pull/470/files
> <https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/pull/470/files___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2OjY5ZjY6M2RkYjVhYjI4NTY0ZTJkOTJjZGI0YWE3MmUyZTk1ZWVmZDdlZmY3Yjg5NDczOTU2MTBhZTI1ODI5YjQzY2M3MzpoOkY>
>
>
>
> Thanks again,
>
> Aaron
>
>
>
> On Thu, Dec 21, 2023 at 9:49 AM Aaron Gable <aaron at letsencrypt.org> wrote:
>
> Hi all,
>
>
>
> As a result of this bugzilla incident
> <https://url.avanan.click/v2/___https:/bugzilla.mozilla.org/show_bug.cgi?id=1865080___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2Ojc5MDk6N2Y5OWEwNTEwYTIxNGUyZjgwY2Q0NmJiMGQyY2I4MTcxZjMwN2QwZGY2MzA3NDMwZjJhOTRmM2U4ZTZkNDg3NjpoOkY>,
> and inspired by Ballot SC-52
> <https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/pull/327___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2OjE5NGQ6ODZiZWM0ZDc1ZDI2YzRkNzM2OGIxMjFlZmY5N2UzOTU4ZjQ5NThjMGM5N2EyMGExYTE5OWIzMjc4ZGY3ZTRiYzpoOkY> which
> never came to a vote, I would like to re-propose that the Baseline
> Requirements clarify that all "hour" and "day" time periods are measured
> with 1-second precision, and do not refer to calendar days. They currently
> do this in two separate places (three, if you count the definition of
> Short-Lived Certificates). I believe it will benefit all readers to instead
> state this convention once at the beginning of the document, so that it is
> clear that it applies uniformly to all time periods measured in those units.
>
>
>
> The pull request can be viewed and commented on here:
> https://github.com/cabforum/servercert/pull/470
> <https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/pull/470___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2OmZkOTE6ODM5YWFmMzkyYjM4OThmMTU3NmVjMjdlNTk2Y2ZjNWZhZDRmODZjOTQyNzcwY2FjMWQ3ZTU1ODRjOWU3YmRmYjpoOkY>
>
> The precise diff that will become the ballot redline if no changes are
> requested can be viewed here:
> https://github.com/cabforum/servercert/compare/90a98dc7c1131eaab01af411968aa7330d315b9b...c3e928e73caed8c8489ab5406127aad661b8a63e
> <https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/compare/90a98dc7c1131eaab01af411968aa7330d315b9b...c3e928e73caed8c8489ab5406127aad661b8a63e___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2OjdjNjQ6MTI0NDAzNTNlYjI5MGE4YTcxYmEzNzFjZjRmMWU1NGQzNmYwNGZhZDk0ZGM3OWNkM2VhMDE5MWZjYjU5MTRiNTpoOkY>
>
>
>
> I am seeking endorsers for this ballot.
>
>
>
> Thank you!
>
> Aaron
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240108/1a07d59a/attachment.html>

More information about the Servercert-wg mailing list