[cabfpub] Draft Ballot 186 - Limiting the Reuse of Validation Information

[Stephen Davidson]

I have no intent to talk about pricing or costs - however, I think the CABF should discuss the possibility that that recent ballots - singly and and as a group - have competitive implications and may be viewed as unreasonably restricting or impeding the products and offerings of members.



________________________________________
From: Public [public-bounces at cabforum.org] on behalf of Gervase Markham via Public [public at cabforum.org]
Sent: Wednesday, February 01, 2017 6:14 AM
To: CA/Browser Forum Public Discussion List
Cc: Gervase Markham
Subject: Re: [cabfpub] Draft Ballot 186 - Limiting the Reuse of Validation Information

On 01/02/17 10:05, Stephen Davidson via Public wrote:
> I agree with Peter's point: a revocation should not automatically
> require a re-vetting of Org or Domain details as most revocations occur
> from "good housekeeping" with keys rather than a failure of underlying
> vetting.

I see the problem there. Would it work to narrow that particular bullet
to certain revocation reasons (perhaps by reference to the list of
revocation reasons elsewhere in the BRs)?

> I also point out that this ballot - and the corresponding limit on
> validity - represent fairly radical changes to the SSL market,
> particularly for better validated classes such as EV (where most issued
> certs have two year validity).  Without falling afoul of the CABF's
> membership restrictions on talking price, I think it's fair to note that
> the proposed restriction will, in effect, drive up the "cost per year"
> of EV and limits the ability of CAs to differentiate their offerings.

I would gently suggest that any discussion of this would fall afoul of
the anti-trust statement, which forbids discussion of "costs" and "cost
structures".

Gerv

_______________________________________________
Public mailing list
Public at cabforum.org
https://cabforum.org/mailman/listinfo/public