[Servercert-wg] [EXTERNAL] Voting begins: Ballot SC15 version 2: Remove Validation Method Number 9
Bruce Morton
Bruce.Morton at entrustdatacard.com
Tue Jan 29 13:57:42 MST 2019
I thought the discussion period started on 22 January and ended today.
Bruce.
From: Servercert-wg [mailto:servercert-wg-bounces at cabforum.org] On Behalf Of Wayne Thayer via Servercert-wg
Sent: January 29, 2019 3:53 PM
To: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Subject: Re: [Servercert-wg] [EXTERNAL] Voting begins: Ballot SC15 version 2: Remove Validation Method Number 9
The enthusiasm is great, but voting on SC15 won't start until next week, so these won't be counted.
On Tue, Jan 29, 2019 at 1:23 PM Bruce Morton via Servercert-wg <servercert-wg at cabforum.org<mailto:servercert-wg at cabforum.org>> wrote:
Entrust Datacard votes YES to Ballot SC15 version 2.
Bruce.
From: Servercert-wg [mailto:servercert-wg-bounces at cabforum.org<mailto:servercert-wg-bounces at cabforum.org>] On Behalf Of Doug Beattie via Servercert-wg
Sent: January 29, 2019 2:57 PM
To: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org<mailto:servercert-wg at cabforum.org>>
Subject: [EXTERNAL][Servercert-wg] Voting begins: Ballot SC15 version 2: Remove Validation Method Number 9
Ballot SC15 version 2: Remove Validation Method Number 9
Purpose of Ballot: Method 9, Test Certificate, is insecure when web hosting platforms use a single IP address for more than one Domain Name, so this method must not be used.
The following motion has been proposed by Doug Beattie of GlobalSign and endorsed by Bruce Morton of Entrust Datacard and Ryan Sleevi of Google.
--- MOTION BEGINS ---
This ballot modifies the “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” as follows, based on Version 1.6.2:
Replace the content of section 3.2.2.4.9 with:
This method has been retired and MUST NOT be used. Prior validations using this method and validation data gathered according to this method SHALL NOT be used to issue certificates.
--- MOTION ENDS ---
*** WARNING ***: USE AT YOUR OWN RISK. THE REDLINE BELOW IS NOT THE OFFICIAL VERSION OF THE CHANGES (CABF Bylaws, Section 2.4(a)):
A comparison of the changes can be found at: https://github.com/dougbeattie/documents/compare/master...dougbeattie:SC15---Remove-Method-9
The procedure for approval of this ballot is as follows:
Discussion (7+ days)
Start Time: 2019-01-29 15:00 Eastern
End Time: 2019-02-05 15:00 Eastern
Vote for approval (7 days)
Start Time: TBD
End Time: TBD
_______________________________________________
Servercert-wg mailing list
Servercert-wg at cabforum.org<mailto:Servercert-wg at cabforum.org>
http://cabforum.org/mailman/listinfo/servercert-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190129/7e9e063b/attachment-0001.html>
More information about the Servercert-wg
mailing list