[Servercert-wg] Seeking endorsers: Ballot SC-XX: Measure all hours and days to the second

Tim Hollebeek tim.hollebeek at digicert.com
Tue Jan 9 16:48:56 UTC 2024 

Significantly better, thank you.

 

-Tim

 

From: Aaron Gable <aaron at letsencrypt.org> 
Sent: Monday, January 8, 2024 1:42 PM
To: Tim Hollebeek <tim.hollebeek at digicert.com>
Cc: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Subject: Re: [Servercert-wg] Seeking endorsers: Ballot SC-XX: Measure all hours and days to the second

 

I've simplified the phrasing further, it feels much less legalese now. Let me know what you think!

 

Thanks again,

Aaron

 

On Thu, Jan 4, 2024 at 2:29 PM Tim Hollebeek <tim.hollebeek at digicert.com <mailto:tim.hollebeek at digicert.com> > wrote:

Yes, there’s a fair amount of legal puffery in the existing BRs (and especially the EVGs) … it’s one of the common causes of lack of clarity, rather than clarity.  I’d prefer to see it slowly removed over time and replaced with clear, straight-forward language that’s easy for non-native speakers to read and comply with.  Obviously much easier said than done, though.

 

That’s one of the dangers of this sort of exercise: we tend to add words and nuance as if it’s making things better … but one thing I’ve slowly learned over the years is that more words do not necessarily lead to increased clarity.

 

-Tim

 

From: Aaron Gable <aaron at letsencrypt.org <mailto:aaron at letsencrypt.org> > 
Sent: Thursday, January 4, 2024 5:17 PM
To: Tim Hollebeek <tim.hollebeek at digicert.com <mailto:tim.hollebeek at digicert.com> >
Cc: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> >
Subject: Re: [Servercert-wg] Seeking endorsers: Ballot SC-XX: Measure all hours and days to the second

 

Fair enough! I was aiming for the same style of "reasonable person" as is often found in legal texts, since I had some concern that someone might try to use this phrasing to interpret "11 months" as "11 x 28 = 308 days", which would be a potential minimum value but not one that a reasonable person would assert. I welcome additional help refining this phrasing.

 

Thanks,

Aaron

 

On Thu, Jan 4, 2024 at 12:59 PM Tim Hollebeek <tim.hollebeek at digicert.com <mailto:tim.hollebeek at digicert.com> > wrote:

You don’t want to call out “reasonableness” unless you’re actually going to let people use their discretion.

 

The first new sentence, as I read it, could be rewritten as: “All statements of time periods SHALL be taken to mean exactly that time period, and not one microsecond more.”

 

That is very clear, but it is not the only reasonable interpretation.  Claiming the “minimum” interpretation is the only “reasonable” one is a bit more opinionated and pejorative than is necessary.  It also doesn’t add anything.

 

-Tim

 

From: Servercert-wg <servercert-wg-bounces at cabforum.org <mailto:servercert-wg-bounces at cabforum.org> > On Behalf Of Aaron Gable via Servercert-wg
Sent: Thursday, January 4, 2024 1:06 PM
To: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org <mailto:servercert-wg at cabforum.org> >
Subject: Re: [Servercert-wg] Seeking endorsers: Ballot SC-XX: Measure all hours and days to the second

 

Hi all,

 

Thanks for the great discussion in the ServerCert WG call this morning!

 

I have updated this draft ballot to attempt to use Clint's language around interpreting time periods to be their minimum value. Please take a look!

 

https://github.com/cabforum/servercert/pull/470/files <https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/pull/470/files___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2OjY5ZjY6M2RkYjVhYjI4NTY0ZTJkOTJjZGI0YWE3MmUyZTk1ZWVmZDdlZmY3Yjg5NDczOTU2MTBhZTI1ODI5YjQzY2M3MzpoOkY> 

 

Thanks again,

Aaron

 

On Thu, Dec 21, 2023 at 9:49 AM Aaron Gable <aaron at letsencrypt.org <mailto:aaron at letsencrypt.org> > wrote:

Hi all,

 

As a result of this bugzilla incident <https://url.avanan.click/v2/___https:/bugzilla.mozilla.org/show_bug.cgi?id=1865080___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2Ojc5MDk6N2Y5OWEwNTEwYTIxNGUyZjgwY2Q0NmJiMGQyY2I4MTcxZjMwN2QwZGY2MzA3NDMwZjJhOTRmM2U4ZTZkNDg3NjpoOkY> , and inspired by Ballot SC-52 <https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/pull/327___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2OjE5NGQ6ODZiZWM0ZDc1ZDI2YzRkNzM2OGIxMjFlZmY5N2UzOTU4ZjQ5NThjMGM5N2EyMGExYTE5OWIzMjc4ZGY3ZTRiYzpoOkY>  which never came to a vote, I would like to re-propose that the Baseline Requirements clarify that all "hour" and "day" time periods are measured with 1-second precision, and do not refer to calendar days. They currently do this in two separate places (three, if you count the definition of Short-Lived Certificates). I believe it will benefit all readers to instead state this convention once at the beginning of the document, so that it is clear that it applies uniformly to all time periods measured in those units.

 

The pull request can be viewed and commented on here: https://github.com/cabforum/servercert/pull/470 <https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/pull/470___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2OmZkOTE6ODM5YWFmMzkyYjM4OThmMTU3NmVjMjdlNTk2Y2ZjNWZhZDRmODZjOTQyNzcwY2FjMWQ3ZTU1ODRjOWU3YmRmYjpoOkY> 

The precise diff that will become the ballot redline if no changes are requested can be viewed here: https://github.com/cabforum/servercert/compare/90a98dc7c1131eaab01af411968aa7330d315b9b...c3e928e73caed8c8489ab5406127aad661b8a63e <https://url.avanan.click/v2/___https:/github.com/cabforum/servercert/compare/90a98dc7c1131eaab01af411968aa7330d315b9b...c3e928e73caed8c8489ab5406127aad661b8a63e___.YXAzOmRpZ2ljZXJ0OmE6bzoyMjY5YTgxZDcxNTE0ZGU4YjBkZjc5ODk0ZGZiYWZjMzo2OjdjNjQ6MTI0NDAzNTNlYjI5MGE4YTcxYmEzNzFjZjRmMWU1NGQzNmYwNGZhZDk0ZGM3OWNkM2VhMDE5MWZjYjU5MTRiNTpoOkY> 

 

I am seeking endorsers for this ballot.

 

Thank you!

Aaron

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240109/cbf9f707/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5231 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240109/cbf9f707/attachment-0001.p7s>

More information about the Servercert-wg mailing list