[Servercert-wg] [Voting Begins] Ballot SC-74 - Clarify CP/CPS structure according to RFC 3647

Mon May 6 07:37:52 UTC 2024

Kamu SM votes "yes" on Ballot SC-74. 

Tuğba ÖZCAN 

Head Of e-Signature Technologies Department 

TÜBİTAK/BİLGEM/Kamu SM 

Çamlıca Mahallesi 408. Cadde No: 136 

C Blok 5. Kat Yenimahalle/Ankara 

Dahili:8543 

tugba.ozcan at tubitak.gov.tr 

Kimden: "CA" <servercert-wg at cabforum.org> 
Kime: "Dimitris Zacharopoulos, HARICA" <dzacharo at harica.gr>, "CA" <servercert-wg at cabforum.org> 
Gönderilenler: 5 Mayıs Pazar 2024 22:05:35 
Konu: Re: [Servercert-wg] [Voting Begins] Ballot SC-74 - Clarify CP/CPS structure according to RFC 3647 

Mozilla votes "yes" on Ballot SC-74. 

On Sun, May 5, 2024 at 3:06 AM Dimitris Zacharopoulos (HARICA) via Servercert-wg < [ mailto:servercert-wg at cabforum.org | servercert-wg at cabforum.org ] > wrote: 

HARICA votes "yes" to ballot SC-74. 

On 5/5/2024 11:24 π.μ., Dimitris Zacharopoulos (HARICA) via Servercert-wg wrote: 

BQ_BEGIN
Voting begins for ballot SC-74. 
SC-74 - Clarify CP/CPS structure according to RFC 3647 
Summary 

The TLS Baseline Requirements require in section 2.2 that: 

"The Certificate Policy and/or Certification Practice Statement MUST be structured in accordance with RFC 3647 and MUST include all material required by RFC 3647." 

The intent of this language was to ensure that all CAs' CP and/or CPS documents contain a similar structure, making it easier to review and compare against the BRs. However, there was some ambiguity as to the actual structure that CAs should follow. After several discussions in the [ https://lists.cabforum.org/pipermail/servercert-wg/2023-November/004070.html | SCWG Public Mailing List ] and F2F meetings, it was agreed that more clarity should be added to the existing requirement, pointing to the outline described in section 6 of RFC 3647. 

The following motion has been proposed by Dimitris Zacharopoulos (HARICA) and endorsed by Aaron Poulsen (Amazon) and Tim Hollebeek (Digicert). 

You can view the github pull request representing this ballot [ https://github.com/cabforum/servercert/pull/503 | here ] . 
Motion Begins 

MODIFY the "Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates" based on Version 2.0.4 as specified in the following redline: 

    * [ https://github.com/cabforum/servercert/compare/c4a34fe2292022e0a04ba66b5a85df75907ac2a2...f6a90e2a652fbb7a2d62a976b70f4af3adce8dae | https://github.com/cabforum/servercert/compare/c4a34fe2292022e0a04ba66b5a85df75907ac2a2...f6a90e2a652fbb7a2d62a976b70f4af3adce8dae ] 
Motion Ends 

This ballot proposes a Final Maintenance Guideline. The procedure for approval of this ballot is as follows: Discussion (at least 7 days) 

    * Start time: 2024-04-25 16:30:00 UTC 
    * End time: on or after 2024-05-02 16:30:00 UTC 
Vote for approval (7 days) 

    * Start time: 2024-05-05 8:30:00 UTC 
    * End time: 2024-05-12 8:30:00 UTC 

_______________________________________________
Servercert-wg mailing list [ mailto:Servercert-wg at cabforum.org | Servercert-wg at cabforum.org ] [ https://lists.cabforum.org/mailman/listinfo/servercert-wg | https://lists.cabforum.org/mailman/listinfo/servercert-wg ] 

_______________________________________________ 
Servercert-wg mailing list 
[ mailto:Servercert-wg at cabforum.org | Servercert-wg at cabforum.org ] 
[ https://lists.cabforum.org/mailman/listinfo/servercert-wg | https://lists.cabforum.org/mailman/listinfo/servercert-wg ] 

BQ_END

_______________________________________________ 
Servercert-wg mailing list 
Servercert-wg at cabforum.org 
https://lists.cabforum.org/mailman/listinfo/servercert-wg 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240506/cedeb039/attachment-0001.html>