[Servercert-wg] Renumbering of the NetSec Requirements

Ben Wilson benwilsonusa at gmail.com
Mon Feb 3 14:49:31 MST 2020


Attached is an improved version that doesn't have any new "principles".
The next step would be to document this renumbering in the form of a ballot.

On Mon, Jan 27, 2020 at 1:17 PM David Kluge <kluge at google.com> wrote:

> Hi Ryan,
> during our calls in early 2019 we identified areas in which the NSRs can
> be improved but some of the improvements seemed difficult to make given how
> the NSR document is currently structured. The document Ben has shared was
> drafted to address this. You can find more background in the minutes of the
> 11/29/18 and the 1/24/19 call.
>
> I hope this helps.
>
>
>
>
>
>
>
>
> On Tue, Jan 14, 2020 at 4:18 PM Ryan Sleevi via Servercert-wg <
> servercert-wg at cabforum.org> wrote:
>
>> Thanks Ben!
>>
>> This is super helpful for understanding where things are going and the
>> existing criteria, and really appreciated. I suppose some context that I'm
>> still missing is that it seems like the intent is to structure the document
>> in a "Principles and Criteria" format, which does seem like a somewhat
>> larger change than renumbering, and cuts to the heart of the design and
>> structure. I was hoping to understand a bit more of that background, and
>> was hoping it might have been discussed somewhere (so you don't have to
>> rehash it)
>>
>> On Mon, Jan 13, 2020 at 7:07 PM Ben Wilson <benwilsonusa at gmail.com>
>> wrote:
>>
>>> I suppose that the new headings would be normative.  The "discussion
>>> notes" are found in the working document that reveals where this effort is
>>> headed - intended to eventually end up.  It is here -  NetSec-Reorg -
>>> https://docs.google.com/document/d/1iXOEdsoUcshtS3VZh2jJ-qvSWLGl-DUWMyNs0uZBheI/edit?usp=sharing
>>>
>>>
>>>
>>>
>>> On Mon, Jan 13, 2020 at 1:52 PM Ryan Sleevi <sleevi at google.com> wrote:
>>>
>>>> Removing the cross-post, so folks don't get mail bounces or only see
>>>> half the discussion, with replies inline.
>>>>
>>>> On Mon, Jan 13, 2020 at 1:56 PM Ben Wilson via Servercert-wg <
>>>> servercert-wg at cabforum.org> wrote:
>>>>
>>>>> In order to move forward with an overhaul of the Network and
>>>>> Certificate System Security Requirements, the Document Organization
>>>>> subgroup has determined it best to break up the transitions into discrete
>>>>> tasks/ballots.
>>>>>
>>>>
>>>> Do you have a link to that discussion/minutes? Is there an overview?
>>>> It's useful to have a 'big picture' view to understand where things are
>>>> proposed for going, if only to help contextualize the smaller changes.
>>>>
>>>> Attached is a pdf that shows the first step in a proposed
>>>>> restructuring/renumbering of the NetSet requirements -- strictly
>>>>> renumbering.
>>>>>
>>>>
>>>> This doesn't seem  to be purely renumbering. For example, each of the
>>>> section headers were renamed with statements, which are unclear if they're
>>>> meant to be normative or informative, along with an orientation around
>>>> principles. That seems to harken back to WebTrust/ISO 21188's approach to
>>>> auditing, but it's unclear why this change. Is there more context for those
>>>> renamings? Is this part of a broader effort, and if so, do you have a
>>>> pointer to those past discussions?
>>>>
>>> _______________________________________________
>> Servercert-wg mailing list
>> Servercert-wg at cabforum.org
>> http://cabforum.org/mailman/listinfo/servercert-wg
>>
>
>
> --
>
> David Kluge | Technical Program Manager | kluge at google.com |  +41 44 668
> 03 54 <+41%2044%20668%2003%2054>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200203/b3b5ea16/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NetSec-Renumbering-Comparison.v.2.pdf
Type: application/pdf
Size: 89282 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200203/b3b5ea16/attachment-0001.pdf>


More information about the Servercert-wg mailing list