[cabfpub] BRs section 9.16.3 (exception for laws)
Rich Smith
richard.smith at comodo.com
Wed Apr 27 19:30:41 UTC 2016
None of this addresses a gag order by said jurisdiction, which IMO is
quite likely in a case wherein a government put such a requirement on a
CA, at least in any case where such deviation from the BRs is truly of
any concern. Dead man switch?
On 4/27/2016 12:44 PM, Ryan Sleevi wrote:
> Jeremy,
>
> I don't believe your proposal addresses the necessary transparency and
> disclosure that the CA ecosystem needs for such matters. Is there a
> reason you removed that language, or was it merely an oversight in
> addressing the other issue you highlighted?
>
> On Wed, Apr 27, 2016 at 10:40 AM, Jeremy Rowley
> <jeremy.rowley at digicert.com> wrote:
>
> Some CAs may not "want" to deviate from a requirement but may be
> forced to by regulation. They also won't "deviate from... these
> Requirements" because the requirements are reformed to the extent
> necessary to accommodate for the law.
>
> How about:
>
> _A CA that issues a certificate under a requirement reformed
> through an action of a court or government body with jurisdiction
> SHALL list the reformed requirement in Section 9.16.3 of the CA's
> CPS prior to issuing a certificate and include (in Section 9.16.3
> of the CA's CPS) a reference to the law or government order
> requiring a reformation under this section._
>
> *From:* public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] *On Behalf Of* Gervase Markham
> *Sent:* Wednesday, April 27, 2016 10:38 AM
> *To:* CABFPub <public at cabforum.org>
> *Subject:* [cabfpub] BRs section 9.16.3 (exception for laws)
>
> Hi everyone,
>
> At the last CAB Forum meeting, we had a discussion about BRs
> section 9.16.3, and the possibility that it allows CAs to violate
> the BRs without appropriate notification. After the CAB Forum
> meeting, the following amendment (which I have tweaked) was
> helpfully suggested by one participant in the conversation. The aim
> is to bring transparency, so anyone in violation under this clause
> is at least documented, and we can consider revisions to the BRs
> accordingly.
>
> What do people think?
>
> Gerv
>
> *9.16.3. Severability*
>
> If a court or government body with jurisdiction over the
> activities covered by these Requirements determines that the
> performance of any mandatory requirement is illegal, then such
> requirement is considered reformed to the minimum extent necessary
> to make the requirement valid and legal. This applies only to
> operations or certificate issuances that are subject to the laws
> of that jurisdiction. The parties involved SHALL notify the CA /
> Browser Forum _by sending a detailed message to
> questions at cabforum.org_ of the
> facts, circumstances, and law(s) involved, _and receiving
> confirmation of the receipt of the message by the CA/Browser
> Forum,_ so that the CA/Browser Forum may _consider possible
> revisions to these_ Requirements accordingly.
>
> _Any CA that wants to deviate from any mandatory requirement of
> these Requirements as written on the basis of this Section 9.16.3
> must list all such non-conformity (including a reference to the
> specific Requirement(s) subject to deviation) in Section 9.16.3 of
> the CA's CPS before deviating from the Requirement(s), and include
> in such disclosure the facts, circumstances, and law(s) involved._
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public