[cabf_validation] Proposed ballot - EV State Optional

Fri Dec 16 00:29:05 MST 2016

Hi Adriano,

This is exactly what Tim proposed, whenever "state" or "province" has 
real meaning - use it, otherwise, its optional.

Thanks,
M.D.

On 12/16/2016 9:10 AM, Adriano Santoni via Validation wrote:
> Including StateOrProvince helps disambiguating the address of the 
> certificate holder, which seems to me an important information in both 
> OV and EV certificates, and there are several cases where - given just 
> a country and a locality - the exact location remains uncertain 
> because of homonyms.
>
> It is true that subdivisions named "state" or "province" do not exist 
> in all countries, but in most countries other subdivisions do exist 
> (eg. counties, regions, departments, Länder, etc.), and I do not see 
> why those cannot be specified in StateOrProvince....they should, IMO.
>
> Adriano
>
> Il 15/12/2016 19:53, Bruce Morton via Validation ha scritto:
>>
>> My concern with the list is that it will take some time to evaluate 
>> and come to agreement on 249 countries. Once that is completed, then 
>> we will have to maintain the list forever.
>>
>> I think that the CAs have been verifying Place of Business 
>> appropriately, but the guidelines are just poorly worded. The result 
>> is we do not know how to handle countries with no states and 
>> countries that have states, but do not use them as part of the 
>> address. This also means that the auditor can state that we have 
>> problems when we either do not include the state field or falsely put 
>> information in the state field.
>>
>> I would prefer that we just change the wording to as Tim put it, “if 
>> it’s in the address, it’s required.” If moving forward, we see a 
>> vulnerability with this method, then let’s at that time to consider 
>> the other method.
>>
>> Thanks, Bruce.
>>
>> *From:* Tim Hollebeek [mailto:THollebeek at trustwave.com]
>> *Sent:* Thursday, December 15, 2016 1:41 PM
>> *To:* Kirk Hall <Kirk.Hall at entrustdatacard.com>; CA/Browser Forum 
>> Validation WG List <validation at cabforum.org>; Bruce Morton 
>> <Bruce.Morton at entrustdatacard.com>
>> *Subject:* RE: Proposed ballot - EV State Optional
>>
>> Yes I like that even better as we can all debate the merits of each 
>> case and agree on the correct handling so there is absolutely no 
>> ambiguity.  Each country does tend to have subtle differences when 
>> we’ve previously discussed this on the policy calls.
>>
>> But people don’t seem to want to do that, and if they still don’t, I 
>> think “if it’s in the address, it’s required” is a reasonable low 
>> effort solution to move forward.
>>
>> *From:*Kirk Hall [mailto:Kirk.Hall at entrustdatacard.com]
>> *Sent:* Thursday, December 15, 2016 1:35 PM
>> *To:* CA/Browser Forum Validation WG List; Bruce Morton
>> *Cc:* Tim Hollebeek
>> *Subject:* RE: Proposed ballot - EV State Optional
>>
>> Another possibility is to leave state or province as required, but 
>> then add:
>>
>> “State or province is not required for the countries listed on 
>> Appendix X”
>>
>> Then we add places (Taiwan, Monaco, Vatican City, Germany, United 
>> Kingdom) as people bring them forward.  We could include an initial 
>> list with this ballot to avoid having to prepare another ballot to 
>> add places.
>>
>> *From:* Validation [mailto:validation-bounces at cabforum.org] *On 
>> Behalf Of *Tim Hollebeek via Validation
>> *Sent:* Thursday, December 15, 2016 10:26 AM
>> *To:* Bruce Morton <Bruce.Morton at entrustdatacard.com 
>> <mailto:Bruce.Morton at entrustdatacard.com>>; CA/Browser Forum 
>> Validation WG List <validation at cabforum.org 
>> <mailto:validation at cabforum.org>>
>> *Cc:* Tim Hollebeek <THollebeek at trustwave.com 
>> <mailto:THollebeek at trustwave.com>>
>> *Subject:* Re: [cabf_validation] Proposed ballot - EV State Optional
>>
>> Yes, I like something along those lines.
>>
>> *From:*Bruce Morton [mailto:Bruce.Morton at entrustdatacard.com]
>> *Sent:* Thursday, December 15, 2016 1:25 PM
>> *To:* Tim Hollebeek; CA/Browser Forum Validation WG List
>> *Subject:* RE: Proposed ballot - EV State Optional
>>
>> How about this?
>>
>> Required/Optional:
>>
>> City and country – Required;
>>
>> State – Required, if verified per Section 11.4.1 as part of the 
>> address for the Place of Business;
>>
>> Street and postal code – Optional
>>
>> If there is no state or the state is not used as part of the address, 
>> then it is not required.
>>
>> Bruce.
>>
>> *From:* Tim Hollebeek [mailto:THollebeek at trustwave.com]
>> *Sent:* Thursday, December 15, 2016 10:19 AM
>> *To:* CA/Browser Forum Validation WG List <validation at cabforum.org 
>> <mailto:validation at cabforum.org>>
>> *Cc:* Bruce Morton <Bruce.Morton at entrustdatacard.com 
>> <mailto:Bruce.Morton at entrustdatacard.com>>
>> *Subject:* RE: Proposed ballot - EV State Optional
>>
>> But City + Country is not unique in many common, important cases 
>> (“Springfield, United States”), and the state is also important since 
>> state laws tend to vary quite a bit in the US … I think something 
>> more in the spirit of the current BRs that does a better job of 
>> tightening up what “where applicable” means would be better.
>>
>> I don’t want to lose the requirement that US EV certificates MUST 
>> include the state.
>>
>> -Tim
>>
>> *From:*Validation [mailto:validation-bounces at cabforum.org] *On Behalf 
>> Of *Bruce Morton via Validation
>> *Sent:* Thursday, December 15, 2016 9:28 AM
>> *To:* CA/Browser Forum Validation WG List
>> *Cc:* Bruce Morton
>> *Subject:* [cabf_validation] Proposed ballot - EV State Optional
>>
>> Here is a proposed ballot per my action.
>>
>> Thanks, Bruce.
>>
>> *Background*:
>>
>> There is confusion on whether the state or province OID MUST be 
>> included in an EV certificate. EV section 9.2.7 states in one place 
>> “State or province (where applicable)” and also “City, state and 
>> country – Required.”
>>
>> Since many countries do not have states or provinces and some that do 
>> have states or provinces do not use them for their address, it is 
>> proposed that inclusion of the state or province OID should be optional.
>>
>> *-- MOTION BEGINS --*
>>
>> /Current section 9.2.7 of EV Guidelines/:
>>
>> *Required/Optional:*City, state, and country – Required; Street and 
>> postal code – Optional
>>
>> /Proposed section 9.2.7 of EV Guidelines:/
>>
>> *Required/Optional:*City and country – Required; Street, state and 
>> postal code – Optional
>>
>> *-- MOTION ENDS -- *
>>
>> The review period for this ballot shall commence at 2200 UTC on XX, 
>> and will close at 2200 UTC on XX. Unless the motion is withdrawn 
>> during the review period, the voting period will start immediately 
>> thereafter and will close at 2200 UTC on XX. Votes must be cast by 
>> posting an on-list reply to this thread.
>>
>> A vote in favor of the motion must indicate a clear 'yes' in the 
>> response. A vote against must indicate a clear 'no' in the response. 
>> A vote to abstain must indicate a clear 'abstain' in the response. 
>> Unclear responses will not be counted. The latest vote received from 
>> any representative of a voting member before the close of the voting 
>> period will be counted. Voting members are listed here: 
>> https://cabforum.org/members/ 
>> <https://scanmail.trustwave.com/?c=4062&d=4uLS2LctdUselJfNN_qKqhlUiQGKRBR1RnDgtqpA8A&s=5&u=https%3a%2f%2fcabforum%2eorg%2fmembers%2f> 
>>
>>
>> In order for the motion to be adopted, two thirds or more of the 
>> votes cast by members in the CA category and greater than 50% of the 
>> votes cast by members in the browser category must be in favor. 
>> Quorum is currently nine (9) members– at least nine members must 
>> participate in the ballot, either by voting in favor, voting against, 
>> or abstaining.
>>
>> ------------------------------------------------------------------------
>>
>>
>> This transmission may contain information that is privileged, 
>> confidential, and/or exempt from disclosure under applicable law. If 
>> you are not the intended recipient, you are hereby notified that any 
>> disclosure, copying, distribution, or use of the information 
>> contained herein (including any reliance thereon) is strictly 
>> prohibited. If you received this transmission in error, please 
>> immediately contact the sender and destroy the material in its 
>> entirety, whether in electronic or hard copy format.
>>
>> ------------------------------------------------------------------------
>>
>>
>> This transmission may contain information that is privileged, 
>> confidential, and/or exempt from disclosure under applicable law. If 
>> you are not the intended recipient, you are hereby notified that any 
>> disclosure, copying, distribution, or use of the information 
>> contained herein (including any reliance thereon) is strictly 
>> prohibited. If you received this transmission in error, please 
>> immediately contact the sender and destroy the material in its 
>> entirety, whether in electronic or hard copy format.
>>
>> ------------------------------------------------------------------------
>>
>>
>> This transmission may contain information that is privileged, 
>> confidential, and/or exempt from disclosure under applicable law. If 
>> you are not the intended recipient, you are hereby notified that any 
>> disclosure, copying, distribution, or use of the information 
>> contained herein (including any reliance thereon) is strictly 
>> prohibited. If you received this transmission in error, please 
>> immediately contact the sender and destroy the material in its 
>> entirety, whether in electronic or hard copy format.
>>
>>
>>
>> _______________________________________________
>> Validation mailing list
>> Validation at cabforum.org
>> https://cabforum.org/mailman/listinfo/validation
>
>
>
> _______________________________________________
> Validation mailing list
> Validation at cabforum.org
> https://cabforum.org/mailman/listinfo/validation

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20161216/33d0bc26/attachment-0001.html>