[Servercert-wg] [Voting Begins] Ballot SC-74 - Clarify CP/CPS structure according to RFC 3647

Backman, Antti antti.backman at teliacompany.com
Thu May 9 18:30:21 UTC 2024


Telia changes its vote to ’no’ on Ballot SC-74

//Antti

________________________________
Lähettäjä: Servercert-wg <servercert-wg-bounces at cabforum.org> käyttäjän Backman, Antti via Servercert-wg <servercert-wg at cabforum.org> puolesta
Lähetetty: tiistaina, toukokuuta 7, 2024 8:31 ip.
Vastaanottaja: Dimitris Zacharopoulos (HARICA) <dzacharo at harica.gr>; CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Aihe: Re: [Servercert-wg] [Voting Begins] Ballot SC-74 - Clarify CP/CPS structure according to RFC 3647

Telia votes ’Yes’ on Ballot SC-074

//Antti

________________________________
Lähettäjä: Servercert-wg <servercert-wg-bounces at cabforum.org> käyttäjän Dimitris Zacharopoulos (HARICA) via Servercert-wg <servercert-wg at cabforum.org> puolesta
Lähetetty: sunnuntaina, toukokuuta 5, 2024 11:24 ap.
Vastaanottaja: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Aihe: [Servercert-wg] [Voting Begins] Ballot SC-74 - Clarify CP/CPS structure according to RFC 3647

Voting begins for ballot SC-74.
SC-74 - Clarify CP/CPS structure according to RFC 3647
Summary

The TLS Baseline Requirements require in section 2.2 that:

"The Certificate Policy and/or Certification Practice Statement MUST be structured in accordance with RFC 3647 and MUST include all material required by RFC 3647."

The intent of this language was to ensure that all CAs' CP and/or CPS documents contain a similar structure, making it easier to review and compare against the BRs. However, there was some ambiguity as to the actual structure that CAs should follow. After several discussions in the SCWG Public Mailing List<https://lists.cabforum.org/pipermail/servercert-wg/2023-November/004070.html> and F2F meetings, it was agreed that more clarity should be added to the existing requirement, pointing to the outline described in section 6 of RFC 3647.

The following motion has been proposed by Dimitris Zacharopoulos (HARICA) and endorsed by Aaron Poulsen (Amazon) and Tim Hollebeek (Digicert).

You can view the github pull request representing this ballot here<https://github.com/cabforum/servercert/pull/503>.

Motion Begins

MODIFY the "Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates" based on Version 2.0.4 as specified in the following redline:

  *   https://github.com/cabforum/servercert/compare/c4a34fe2292022e0a04ba66b5a85df75907ac2a2...f6a90e2a652fbb7a2d62a976b70f4af3adce8dae

Motion Ends

This ballot proposes a Final Maintenance Guideline. The procedure for approval of this ballot is as follows:

Discussion (at least 7 days)

  *   Start time: 2024-04-25 16:30:00 UTC
  *   End time: on or after 2024-05-02 16:30:00 UTC

Vote for approval (7 days)

  *   Start time: 2024-05-05 8:30:00 UTC
  *   End time: 2024-05-12 8:30:00 UTC


This email may contain information which is privileged or protected against unauthorized disclosure or communication. If you are not the intended recipient, please notify the sender and delete this message and any attachments from your system without producing, distributing or retaining copies thereof or disclosing its contents to any other person.

Telia Company processes emails and other files that may contain personal data in accordance with Telia Company’s Privacy Policy<https://www.teliacompany.com/en/about-the-company/privacy/>.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240509/a0b2fdb7/attachment.html>


More information about the Servercert-wg mailing list