<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"Segoe UI Symbol \,sans-serif";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle20
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:441415494;
mso-list-type:hybrid;
mso-list-template-ids:65405346 -1370206504 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
{mso-level-text:"\(%1\)";
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l1
{mso-list-id:707223011;
mso-list-template-ids:555224318;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2
{mso-list-id:1009256683;
mso-list-template-ids:-2144552986;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='color:windowtext'>Ok, I think I get it.<o:p></o:p></span></p><p class=MsoNormal><span style='color:windowtext'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:windowtext'>We should either:<o:p></o:p></span></p><p class=MsoNormal><span style='color:windowtext'><o:p> </o:p></span></p><ol style='margin-top:0in' start=1 type=1><li class=MsoListParagraph style='color:windowtext;margin-left:0in;mso-list:l0 level1 lfo4'>upgrade the WebTrust requirement to “<span style='color:black'>WebTrust for CAs Baseline and NetSec” in order to align with requiring 411-1, or</span><o:p></o:p></li><li class=MsoListParagraph style='color:windowtext;margin-left:0in;mso-list:l0 level1 lfo4'>downgrade the ETSI requirement to 401 to align with requiring “<span style='color:black'>WebTrust for CAs”.</span><o:p></o:p></li></ol><p class=MsoNormal><span style='color:windowtext'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:windowtext'>Is that the right summary?<o:p></o:p></span></p><p class=MsoNormal><span style='color:windowtext'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:windowtext'>In this day and age, I think (1) is the right approach.<o:p></o:p></span></p><p class=MsoNormal><span style='color:windowtext'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:windowtext'>-Tim<o:p></o:p></span></p><p class=MsoNormal><a name="_MailEndCompose"><span style='color:windowtext'><o:p> </o:p></span></a></p><span style='mso-bookmark:_MailEndCompose'></span><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='color:windowtext'>From:</span></b><span style='color:windowtext'> Dimitris Zacharopoulos [mailto:jimmy@it.auth.gr] <br><b>Sent:</b> Tuesday, February 6, 2018 12:25 PM<br><b>To:</b> Tim Hollebeek <tim.hollebeek@digicert.com>; CA/Browser Forum Governance WG List <govreform@cabforum.org>; Dean Coclin <dean.coclin@digicert.com><br><b>Subject:</b> Re: [cabf_governance] Ballot 206 and documents<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'><o:p> </o:p></p><div><p class=MsoNormal>On 6/2/2018 9:17 μμ, Tim Hollebeek wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal><span style='color:windowtext'>For those of us who have historically tried hard not to understand European regulations, but probably should understand them better than we do, is one a superset of the other, and if so, in which direction? If not, what does the Venn diagram look like?</span><o:p></o:p></p></blockquote><p class=MsoNormal><br>ETSI EN 319 401 is the first level and 411 (part 1) is built on top of 401. Here is a diagram available from the document ETSI TR 119 400 (<a href="https://clicktime.symantec.com/a/1/2rg4jdXEPgpG0cVYXn_7B2jFMYhRbjZ1dDZ93zj7UIU=?d=Q-_kHzd0gf5QWQHtRHrPGfKdJo-f3eGryq7gLFMOP2nmmUSSN0U7d-mlnvjACjvkLYiE5YSQEMOLG71tO_RXchqmCncqIIcrFDtBeLZUAlZrHYS8NABgkLo9xeRneXrt67GFWsXpg4qrHaH2i1WE2nD-PJw6kFVRieKZGqfvwVIHbZc847hmNDYYX1OK-hZ2RJn83ueD16yLldoF5f-b26oVHL9YP3qAYqDB1DBj5oHF-Q438yRy8rGuXF2HtuTqmKwbBBcXk0PC1tLRGSErqip7OX_iU04gunrmBr-tIKOBZoFGECMHVRiWmRxQB1S5rVsr5AWiz9-5775yk-JIHODdvIp7ftjTJD56OOQ9yrXrU-QwbxLq6ktF8tL8RuOpgVEfSg%3D%3D&u=http%3A%2F%2Fwww.etsi.org%2Fdeliver%2Fetsi_tr%2F119400_119499%2F119400%2F01.01.01_60%2Ftr_119400v010101p.pdf">http://www.etsi.org/deliver/etsi_tr/119400_119499/119400/01.01.01_60/tr_119400v010101p.pdf</a>)<br><br><img border=0 width=727 height=424 style='width:7.575in;height:4.4166in' id="_x0000_i1025" src="cid:image001.png@01D39F47.8305DBD0"><br><br>I hope it is clearer now.<br><br>Dimitris.<br><br><br><br><o:p></o:p></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal><span style='color:windowtext'> </span><o:p></o:p></p><p class=MsoNormal><span style='color:windowtext'>-Tim</span><o:p></o:p></p><p class=MsoNormal><span style='color:windowtext'> </span><o:p></o:p></p><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='color:windowtext'>From:</span></b><span style='color:windowtext'> Govreform [<a href="mailto:govreform-bounces@cabforum.org">mailto:govreform-bounces@cabforum.org</a>] <b>On Behalf Of </b>Dimitris Zacharopoulos via Govreform<br><b>Sent:</b> Tuesday, February 6, 2018 12:10 PM<br><b>To:</b> Dean Coclin <a href="mailto:dean.coclin@digicert.com"><dean.coclin@digicert.com></a>; CA/Browser Forum Governance WG List <a href="mailto:govreform@cabforum.org"><govreform@cabforum.org></a><br><b>Subject:</b> Re: [cabf_governance] Ballot 206 and documents</span><o:p></o:p></p></div></div><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'> <o:p></o:p></p><div><p class=MsoNormal>On 6/2/2018 9:02 μμ, Dean Coclin wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal><span style='color:windowtext'>I’m still confused. The requirements from browsers is 411-1.</span><o:p></o:p></p></blockquote><p class=MsoNormal><br>But the new Bylaws are not only for Browsers :-)<br><br>The Server Certificates WG will require ETSI EN 319 411-1 BUT IT SHOULD ALSO require not just WebTrust for CAs but also WebTrust for CAs Baseline and NetSec.<br><br>Dimitris.<br><br><br><br><o:p></o:p></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal><span style='color:windowtext'> </span><o:p></o:p></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='color:windowtext'>From:</span></b><span style='color:windowtext'> Dimitris Zacharopoulos [<a href="mailto:jimmy@it.auth.gr">mailto:jimmy@it.auth.gr</a>] <br><b>Sent:</b> Tuesday, February 6, 2018 2:01 PM<br><b>To:</b> Dean Coclin <a href="mailto:dean.coclin@digicert.com"><dean.coclin@digicert.com></a>; CA/Browser Forum Governance WG List <a href="mailto:govreform@cabforum.org"><govreform@cabforum.org></a><br><b>Subject:</b> Re: [cabf_governance] Ballot 206 and documents</span><o:p></o:p></p></div></div><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'> <o:p></o:p></p><div><p class=MsoNormal>On 6/2/2018 8:15 μμ, Dean Coclin wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal><span style='color:windowtext'>Dimitris,</span><o:p></o:p></p><p class=MsoNormal><span style='color:windowtext'>We currently list ETSI 411-1. Why should we change to 401?</span><o:p></o:p></p></blockquote><p class=MsoNormal><br>411-1 covers Baseline Requirements and Network Security Requirements, which is equal to WebTrust for CAs Baseline and NetSec.<br>401 covers similar items as WebTrust for CAs.<br><br>Dimitris.<br><br><br><br><br><o:p></o:p></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal><span style='color:windowtext'><br>Dean</span><o:p></o:p></p><p class=MsoNormal><span style='color:windowtext'> </span><o:p></o:p></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='color:windowtext'>From:</span></b><span style='color:windowtext'> Govreform [<a href="mailto:govreform-bounces@cabforum.org">mailto:govreform-bounces@cabforum.org</a>] <b>On Behalf Of </b>Dimitris Zacharopoulos via Govreform<br><b>Sent:</b> Tuesday, February 6, 2018 12:16 PM<br><b>To:</b> Virginia Fournier <a href="mailto:vfournier@apple.com"><vfournier@apple.com></a><br><b>Cc:</b> CA/Browser Forum Governance WG List <a href="mailto:govreform@cabforum.org"><govreform@cabforum.org></a><br><b>Subject:</b> Re: [cabf_governance] Ballot 206 and documents</span><o:p></o:p></p></div></div><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'> <o:p></o:p></p><div><p class=MsoNormal>On 6/2/2018 6:25 μμ, Virginia Fournier wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal>Hi Dimitris, <o:p></o:p></p><div><p class=MsoNormal> <o:p></o:p></p></div><div><p class=MsoNormal>Would you please let us know what changes you’d propose to resolve the issues you’ve mentioned below? Your changes weren’t left out intentionally - we probably just missed your request. Thanks. <o:p></o:p></p></div></blockquote><p class=MsoNormal><br>Certainly. I have attached a red-lined version of the proposed changes on the "CABF-Bylaws-v.1.8_23-Jan-2018.doc" file, to align the ETSI audit criteria with WebTrust. I also made a small reference correction to the "Certificate Consumer" definition. <br><br>However, I couldn't provide an easy language fix for the requirement 2.1 a, and I hope the WG will be able to discuss on a future call. I will try to highlight the problem and propose some language to resolve the loop.<br><br>Here are the current definitions:<br><br><u><span style='font-family:"Arial",sans-serif'>(1) "Certificate Issuer</span></u><span style='font-family:"Arial",sans-serif'>: The member organization operates a certification authority that has a current and successful WebTrust for CAs audit or ETSI EN 319 401 audit report prepared by a properly-qualified auditor, is a member of a Working Group, and that actively issues certificates to end entities, such certificates being treated as valid by a Certificate Consumer Member. Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum"</span> <br><br><u><span style='font-family:"Arial",sans-serif'>(2) </span></u>"<u><span style='font-family:"Arial",sans-serif'>Root Certificate Issuer</span></u><span style='font-family:"Arial",sans-serif'>: The member organization operates a certification authority that has a current and successful WebTrust for CAs</span><span lang=EN style='font-family:"Arial",sans-serif'>,</span><span style='font-family:"Arial",sans-serif'> or ETSI EN 319 401 audit report prepared by a properly-qualified auditor, is a member of a Working Group, and that issues certificates to subordinate CAs that, in turn, actively issue certificates to end entities such certificates being treated as valid by a Certificate Consumer Member</span><span lang=EN style='font-family:"Arial",sans-serif'>.</span><span style='font-family:"Arial",sans-serif'> Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum. "</span> <br><br><u><span style='font-family:"Arial",sans-serif'>(3) </span></u>"<u><span style='font-family:"Arial",sans-serif'>Certificate Consumer</span></u><span style='font-family:"Arial",sans-serif'>: The member organization produces a software product, such as a browser, intended for use by the general public for relying upon certificates and is a member of a Working Group"</span> <br><br>First of all, since 2.1 talks about "qualifying for Forum Membership", which I understand to mean "Applicants", I propose we replace "member organization" to "applicant organization". In order to resolve the loop problem, perhaps the part of the "Certificate Consumer" definition that talks about software intended for use by the general public for relying upon certificates, should be included in the definitions of (1) and (2). <br><br>Here is a suggestion for these definitions:<br><br><u><span style='font-family:"Arial",sans-serif'>(1) "Certificate Issuer</span></u><span style='font-family:"Arial",sans-serif'>: The applicant organization operates a certification authority that has a current and successful WebTrust for CAs audit or ETSI EN 319 401 audit report prepared by a properly-qualified auditor, is a member of a Working Group, and that actively issues certificates to end entities, such certificates being treated as valid by a software product, such as a browser, intended for use by the general public for relying upon certificates. Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum"</span><br><br><u><span style='font-family:"Arial",sans-serif'>(2) </span></u>"<u><span style='font-family:"Arial",sans-serif'>Root Certificate Issuer</span></u><span style='font-family:"Arial",sans-serif'>: The applicant organization operates a certification authority that has a current and successful WebTrust for CAs</span><span lang=EN style='font-family:"Arial",sans-serif'>,</span><span style='font-family:"Arial",sans-serif'> or ETSI EN 319 401 audit report prepared by a properly-qualified auditor, is a member of a Working Group, and that issues certificates to subordinate CAs that, in turn, actively issue certificates to end entities such certificates being treated as valid by a software product, such as a browser, intended for use by the general public for relying upon certificates</span><span lang=EN style='font-family:"Arial",sans-serif'>.</span><span style='font-family:"Arial",sans-serif'> Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum. "</span><br><br><u><span style='font-family:"Arial",sans-serif'>(3) </span></u>"<u><span style='font-family:"Arial",sans-serif'>Certificate Consumer</span></u><span style='font-family:"Arial",sans-serif'>: The applicant organization produces a software product, such as a browser, intended for use by the general public for relying upon certificates and is a member of a Working Group"</span><br><br><br>Thank you,<br>Dimitris.<br><br><br><br><br><o:p></o:p></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><p class=MsoNormal> <o:p></o:p></p><div id=AppleMailSignature><div><p class=MsoNormal>Virginia Fournier<o:p></o:p></p></div><p class=MsoNormal>Sent from my iPhone <o:p></o:p></p><div><p class=MsoNormal>Please excuse iTypos<o:p></o:p></p></div></div><div><p class=MsoNormal style='margin-bottom:12.0pt'><br>On Feb 6, 2018, at 12:14 AM, Dimitris Zacharopoulos <<a href="mailto:jimmy@it.auth.gr">jimmy@it.auth.gr</a>> wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><div><p class=MsoNormal style='margin-bottom:12.0pt'><br>Hello all,<br><br>I reviewed the diffs and the proposed alignment between WebTrust and ETSI is not included in the proposed Bylaws draft (2.1a). I sent a proposal on Jan 9th (<a href="https://clicktime.symantec.com/a/1/xRJEOuXg-y_jlF4bPlvzPYNhn8a6eit8kncIq_wfMZ8=?d=zYU90j46QxTFNxAvlm_vJ4ZGqsTgwmt8yY9zvr0ptokxsxcxPTiHyfv81qHB08VOX3rrzZExOGgmgJkxIPZh2VDCB2-WrHv3HSXYZ8Wzk09rw2zFsyEvlFL13nhb7UzygerGhghF5qQl0uKJbkrgfHeL3_MxqGdnvlA7v_LK1cQLQhJS5vIh8quuXAU7PSSJvzKot7DAJo6bZDIRpzkFwNY2W9QBa2ODpEWTq9Pgug2qPyiezauI14B6fZZzXDwU0Ivj6KGS2Dy_1JXgXrsoUU_njc0WcH8N60MzLhzfYru_KK1QzFyolSRuA_TbFD0QG9P-7dp5mSt1H1BWsQ8OFAuLGgGHPbw9v12-oYSxeZkcV1l_eqlq15pTQI-hUSzH_gt5129IW5k-Txy56XOL79S-5w%3D%3D&u=https%3A%2F%2Fcabforum.org%2Fpipermail%2Fgovreform%2F2018-January%2F000355.html">https://cabforum.org/pipermail/govreform/2018-January/000355.html</a>) about the Server Certificate Working Group Charter but the concept is the same for the Bylaws.<o:p></o:p></p><ul type=disc><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo3'>If we include the requirement for "WebTrust for CAs" audit, then the equivalent ETSI audit should be "<b>ETSI EN 319 401</b>". This probably fits best for the Bylaws.<o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo3'>If we include the requirement for "WebTrust for CAs + WebTrust Baseline + NetSec " audit, then the equivalent ETSI audit should be "ETSI EN 319 411-1". This probably fits best for the Server Certificate Working Group Charter.<o:p></o:p></li></ul><p class=MsoNormal>The old ETSI TS standards should not be included in the new bylaws.<br><br>I was also puzzled with the following requirement in the Bylaws (section 2.1a) "such certificates being treated as valid by a Certificate Consumer<b> Member</b>". So, if a CA issues Certificates for Digital Signatures which are trusted by Adobe and Adobe is not a Member of the Forum, then this CA doesn't meet the requirements. Is this a correct interpretation?<br><br><br>Best regards,<br>Dimitris.<br><br><br>On 6/2/2018 9:15 πμ, Virginia Fournier via Govreform wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><div><div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'>Hi all,</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'><br><br><br><br><br></span><o:p></o:p></p></div><div><p class=MsoNormal>My apologies, I have a conflict for tomorrow’s meeting and will not be able to attend. I am sending what I hope are virtually final versions of the documents. I am sending diff files for the Bylaws and IPR policy, as the Word compare function will not cooperate. The diffs may be easier to read in the end anyway.<o:p></o:p></p></div><div><p class=MsoNormal><br><br><br><br><br><o:p></o:p></p></div><div><p class=MsoNormal>As you may have seen from my email earlier today, we have to cut off any new issues, content, etc. from being added to the ballot so we can finalize it. From this point forward, we need to just review what we have, clean up typos or any errors in the ballot, and move it forward. With this in mind, I’d appreciate it if you’d review the documents attached/referenced below to see if there are any corrections/adjustments that need to be made. We can keep a list of additional issues that should be addressed for the next ballot.<o:p></o:p></p></div><div><p class=MsoNormal><br><br><br><br><br><o:p></o:p></p></div><div><p class=MsoNormal>What is the status of the Server Certificate WG charter? I sent some comments to Dean/Ben - have you had a chance to look at those? We need the final version of that document also to complete the package.<o:p></o:p></p></div><div><p class=MsoNormal><br><br><br><br><br><o:p></o:p></p></div><div><p class=MsoNormal>I’d like to send the documents out early next week and start an “informal” discussion period of 7 days next for any questions people may have. Does anyone see any obstacles to doing that?<o:p></o:p></p></div><div><p class=MsoNormal><br><br><br><br><br><o:p></o:p></p></div><div><p class=MsoNormal>Here’s the diff for the Bylaws (all changes since version 1.7 shown).<o:p></o:p></p></div><div><p class=MsoNormal><br><br><br><br><br><o:p></o:p></p></div><div><p class=MsoNormal><a href="https://clicktime.symantec.com/a/1/uyKpIpWVOanrzEuutNyKQlSALyoi3PkQHMormrBAvWs=?d=zYU90j46QxTFNxAvlm_vJ4ZGqsTgwmt8yY9zvr0ptokxsxcxPTiHyfv81qHB08VOX3rrzZExOGgmgJkxIPZh2VDCB2-WrHv3HSXYZ8Wzk09rw2zFsyEvlFL13nhb7UzygerGhghF5qQl0uKJbkrgfHeL3_MxqGdnvlA7v_LK1cQLQhJS5vIh8quuXAU7PSSJvzKot7DAJo6bZDIRpzkFwNY2W9QBa2ODpEWTq9Pgug2qPyiezauI14B6fZZzXDwU0Ivj6KGS2Dy_1JXgXrsoUU_njc0WcH8N60MzLhzfYru_KK1QzFyolSRuA_TbFD0QG9P-7dp5mSt1H1BWsQ8OFAuLGgGHPbw9v12-oYSxeZkcV1l_eqlq15pTQI-hUSzH_gt5129IW5k-Txy56XOL79S-5w%3D%3D&u=https%3A%2F%2Fdraftable.com%2Fcompare%2FJHYFfXWaHGRx">https://draftable.com/compare/JHYFfXWaHGRx</a><o:p></o:p></p></div><div><p class=MsoNormal> <o:p></o:p></p></div><div><p class=MsoNormal>Here’s the diff for the IPR Policy (all changes since version 1.2 shown:<o:p></o:p></p></div><div><p class=MsoNormal> <o:p></o:p></p></div><div><p class=MsoNormal><a href="https://clicktime.symantec.com/a/1/8q3XvGqohjM8pvFAj8n2TNaDAB0so_mrZcspY58oCLE=?d=zYU90j46QxTFNxAvlm_vJ4ZGqsTgwmt8yY9zvr0ptokxsxcxPTiHyfv81qHB08VOX3rrzZExOGgmgJkxIPZh2VDCB2-WrHv3HSXYZ8Wzk09rw2zFsyEvlFL13nhb7UzygerGhghF5qQl0uKJbkrgfHeL3_MxqGdnvlA7v_LK1cQLQhJS5vIh8quuXAU7PSSJvzKot7DAJo6bZDIRpzkFwNY2W9QBa2ODpEWTq9Pgug2qPyiezauI14B6fZZzXDwU0Ivj6KGS2Dy_1JXgXrsoUU_njc0WcH8N60MzLhzfYru_KK1QzFyolSRuA_TbFD0QG9P-7dp5mSt1H1BWsQ8OFAuLGgGHPbw9v12-oYSxeZkcV1l_eqlq15pTQI-hUSzH_gt5129IW5k-Txy56XOL79S-5w%3D%3D&u=https%3A%2F%2Fdraftable.com%2Fcompare%2FQuHvYZiCAAUr">https://draftable.com/compare/QuHvYZiCAAUr</a><o:p></o:p></p></div><div><p class=MsoNormal> <o:p></o:p></p></div></div></div></div><p class=MsoNormal>=<br><br><br><br><br><br><br><o:p></o:p></p><div><div><div><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif'><br><br><br><br><br></span><o:p></o:p></p></div><div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'>Best regards,</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'>Virginia Fournier</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'>Senior Standards Counsel</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt'></span><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'> Apple Inc.</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Segoe UI Symbol \,sans-serif"'>☏</span><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'> 669-227-9595</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Segoe UI Symbol \,sans-serif"'>✉︎</span><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'> <a href="mailto:vmf@apple.com">vmf@apple.com</a></span><o:p></o:p></p></div></div><div><div><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif'> </span><o:p></o:p></p></div></div></div></div><p class=MsoNormal> <o:p></o:p></p></div><p class=MsoNormal style='margin-bottom:12.0pt'> <o:p></o:p></p></div><div><p class=MsoNormal> <o:p></o:p></p><div><p class=MsoNormal>On Dec 21, 2017, at 11:19 AM, Virginia Fournier via Govreform <<a href="mailto:govreform@cabforum.org">govreform@cabforum.org</a>> wrote:<o:p></o:p></p></div><p class=MsoNormal> <o:p></o:p></p><div><div><p class=MsoNormal>Hello all, <o:p></o:p></p><div><p class=MsoNormal> <o:p></o:p></p></div><div><p class=MsoNormal>Here are the final documents for Ballot 206. Please confirm that you’re ready to go forward with them in January after the holidays. Please also let me know if you can open the Bylaws diff file. What is the status of the Server Certificate WG’s charter? Thanks for everyone’s hard work on this project.<o:p></o:p></p></div><div><p class=MsoNormal> <o:p></o:p></p></div></div><p class=MsoNormal><CABF_Ballot206_20DEC17.docx> <o:p></o:p></p><p class=MsoNormal><CABF-IPR-Policy-v.1.3_20DEC17_clean.doc> <o:p></o:p></p><p class=MsoNormal><CABF-IPR-Policy-v.1.3_20DEC17_redline.doc> <o:p></o:p></p><p class=MsoNormal><CABF-Bylaws-v.1.8_20DEC17_clean.doc> <o:p></o:p></p><p class=MsoNormal><CABF-Governance Change FAQ_20DEC17.docx> <o:p></o:p></p><p class=MsoNormal><Bylaws DiffNow Comparison Report.htm> <o:p></o:p></p><div><div><div><div><div><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Arial",sans-serif'><br><br><br><br><br></span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif'><br><br><br><br><br></span><o:p></o:p></p></div><div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'>Best regards,</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'>Virginia Fournier</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'>Senior Standards Counsel</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt'></span><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'> Apple Inc.</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Segoe UI Symbol \,sans-serif"'>☏</span><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'> 669-227-9595</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Segoe UI Symbol \,sans-serif"'>✉︎</span><span style='font-size:10.5pt;font-family:"Helvetica",sans-serif'> <a href="mailto:vmf@apple.com">vmf@apple.com</a></span><o:p></o:p></p></div></div><div><div><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif'> </span><o:p></o:p></p></div></div></div></div><p class=MsoNormal> <o:p></o:p></p></div><p class=MsoNormal style='margin-bottom:12.0pt'> <o:p></o:p></p></div><p class=MsoNormal> <o:p></o:p></p></div></div><p class=MsoNormal>_______________________________________________<br>Govreform mailing list<br><a href="mailto:Govreform@cabforum.org">Govreform@cabforum.org</a><br><a href="https://clicktime.symantec.com/a/1/8rSOldnBKg8XvPcCi-8xhn3L1EZQhM_E6Wxoe2uL3ps=?d=zYU90j46QxTFNxAvlm_vJ4ZGqsTgwmt8yY9zvr0ptokxsxcxPTiHyfv81qHB08VOX3rrzZExOGgmgJkxIPZh2VDCB2-WrHv3HSXYZ8Wzk09rw2zFsyEvlFL13nhb7UzygerGhghF5qQl0uKJbkrgfHeL3_MxqGdnvlA7v_LK1cQLQhJS5vIh8quuXAU7PSSJvzKot7DAJo6bZDIRpzkFwNY2W9QBa2ODpEWTq9Pgug2qPyiezauI14B6fZZzXDwU0Ivj6KGS2Dy_1JXgXrsoUU_njc0WcH8N60MzLhzfYru_KK1QzFyolSRuA_TbFD0QG9P-7dp5mSt1H1BWsQ8OFAuLGgGHPbw9v12-oYSxeZkcV1l_eqlq15pTQI-hUSzH_gt5129IW5k-Txy56XOL79S-5w%3D%3D&u=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fgovreform">https://cabforum.org/mailman/listinfo/govreform</a><o:p></o:p></p></div></div><p class=MsoNormal><br>=<br><br><br><br><br><br><o:p></o:p></p><pre>_______________________________________________<o:p></o:p></pre><pre>Govreform mailing list<o:p></o:p></pre><pre><a href="mailto:Govreform@cabforum.org">Govreform@cabforum.org</a><o:p></o:p></pre><pre><a href="https://clicktime.symantec.com/a/1/8rSOldnBKg8XvPcCi-8xhn3L1EZQhM_E6Wxoe2uL3ps=?d=zYU90j46QxTFNxAvlm_vJ4ZGqsTgwmt8yY9zvr0ptokxsxcxPTiHyfv81qHB08VOX3rrzZExOGgmgJkxIPZh2VDCB2-WrHv3HSXYZ8Wzk09rw2zFsyEvlFL13nhb7UzygerGhghF5qQl0uKJbkrgfHeL3_MxqGdnvlA7v_LK1cQLQhJS5vIh8quuXAU7PSSJvzKot7DAJo6bZDIRpzkFwNY2W9QBa2ODpEWTq9Pgug2qPyiezauI14B6fZZzXDwU0Ivj6KGS2Dy_1JXgXrsoUU_njc0WcH8N60MzLhzfYru_KK1QzFyolSRuA_TbFD0QG9P-7dp5mSt1H1BWsQ8OFAuLGgGHPbw9v12-oYSxeZkcV1l_eqlq15pTQI-hUSzH_gt5129IW5k-Txy56XOL79S-5w%3D%3D&u=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fgovreform">https://cabforum.org/mailman/listinfo/govreform</a><o:p></o:p></pre></blockquote><p class=MsoNormal> <o:p></o:p></p></div></blockquote></div></blockquote><p class=MsoNormal> <o:p></o:p></p></blockquote><p class=MsoNormal> <o:p></o:p></p></blockquote><p class=MsoNormal> <o:p></o:p></p></div></blockquote><p class=MsoNormal><o:p> </o:p></p></div></div></body></html>