[Servercert-wg] Renumbering of the NetSec Requirements
David Kluge
kluge at google.com
Mon Jan 27 13:16:34 MST 2020
Hi Ryan,
during our calls in early 2019 we identified areas in which the NSRs can be
improved but some of the improvements seemed difficult to make given how
the NSR document is currently structured. The document Ben has shared was
drafted to address this. You can find more background in the minutes of the
11/29/18 and the 1/24/19 call.
I hope this helps.
On Tue, Jan 14, 2020 at 4:18 PM Ryan Sleevi via Servercert-wg <
servercert-wg at cabforum.org> wrote:
> Thanks Ben!
>
> This is super helpful for understanding where things are going and the
> existing criteria, and really appreciated. I suppose some context that I'm
> still missing is that it seems like the intent is to structure the document
> in a "Principles and Criteria" format, which does seem like a somewhat
> larger change than renumbering, and cuts to the heart of the design and
> structure. I was hoping to understand a bit more of that background, and
> was hoping it might have been discussed somewhere (so you don't have to
> rehash it)
>
> On Mon, Jan 13, 2020 at 7:07 PM Ben Wilson <benwilsonusa at gmail.com> wrote:
>
>> I suppose that the new headings would be normative. The "discussion
>> notes" are found in the working document that reveals where this effort is
>> headed - intended to eventually end up. It is here - NetSec-Reorg -
>> https://docs.google.com/document/d/1iXOEdsoUcshtS3VZh2jJ-qvSWLGl-DUWMyNs0uZBheI/edit?usp=sharing
>>
>> On Mon, Jan 13, 2020 at 1:52 PM Ryan Sleevi <sleevi at google.com> wrote:
>>
>>> Removing the cross-post, so folks don't get mail bounces or only see
>>> half the discussion, with replies inline.
>>>
>>> On Mon, Jan 13, 2020 at 1:56 PM Ben Wilson via Servercert-wg <
>>> servercert-wg at cabforum.org> wrote:
>>>
>>>> In order to move forward with an overhaul of the Network and
>>>> Certificate System Security Requirements, the Document Organization
>>>> subgroup has determined it best to break up the transitions into discrete
>>>> tasks/ballots.
>>>>
>>>
>>> Do you have a link to that discussion/minutes? Is there an overview?
>>> It's useful to have a 'big picture' view to understand where things are
>>> proposed for going, if only to help contextualize the smaller changes.
>>>
>>>> Attached is a pdf that shows the first step in a proposed
>>>> restructuring/renumbering of the NetSec requirements -- strictly
>>>> renumbering.
>>>>
>>>
>>> This doesn't seem to be purely renumbering. For example, each of the
>>> section headers were renamed with statements, which are unclear if they're
>>> meant to be normative or informative, along with an orientation around
>>> principles. That seems to harken back to WebTrust/ISO 21188's approach to
>>> auditing, but it's unclear why this change. Is there more context for those
>>> renamings? Is this part of a broader effort, and if so, do you have a
>>> pointer to those past discussions?
>>>
--
David Kluge | Technical Program Manager | kluge at google.com | +41 44 668 03 54