[Servercert-wg] [EXTERNAL] Ballot SC23: Precertificates

Ryan Sleevi sleevi at google.com
Tue Oct 22 19:28:11 MST 2019


On Tue, Oct 22, 2019 at 7:57 PM Ryan Sleevi <sleevi at google.com> wrote:

>
>
> On Tue, Oct 22, 2019 at 7:44 PM Wayne Thayer via Servercert-wg <
> servercert-wg at cabforum.org> wrote:
>
>> I'm posting v2 of this ballot because without it the discussion period
>> will expire and the ballot will fail. V2 adds language required to prevent
>> conflicts with ballot SC24, but does not otherwise change the proposal.
>>
>> It's not clear to me how to proceed with this. It seems that the
>> endorsers are happy with the current ballot, but others want to limit the
>> change to section 4.9.10. So far, no one has proposed specific language
>> that both accounts for all of the nuances of this issue and is considered
>> to be easily understood. Unless specific alternative proposals are made,
>> I'm inclined to proceed to a vote on the current proposal.
>>
>
> Wayne: Dimitris' change works for me in only tackling the half that CAs
> were most concerned about.
>
> Rob, Jeremy: Could you check if
> https://cabforum.org/pipermail/servercert-wg/2019-October/001244.html addresses
> the immediate concerns raised?
>

More concretely:
https://github.com/cabforum/documents/compare/master...sleevi:2019-10-OCSP

This isn't identical to what Dimitris proposed, to try to close the gaps
identified. It tries to use terms that are unused by RFC 5019/6960 - such
as "unused" - to avoid confusion with "unknown".

It's not perfect, but I'm curious if that gets closer to a minimal and
clear change.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191022/8718e134/attachment.html>


More information about the Servercert-wg mailing list