[cabf_validation] [cabfpub] Four sets of changes for proposed ballots

Tim Shirley TShirley at trustwave.com
Mon Jul 3 12:39:36 MST 2017

You did see my feedback on the ASN.1 change, right?  Wanted to make sure it didn’t get lost in the email server transition.  Reproduced below:

On the ASN.1 change, there’s a pervasive typo between line 1707 and 1733 of “id-evat-jursidiction” rather than “id-evat-jurisdiction” (10 instances in all).  Otherwise, looks good to me.

From: Validation [mailto:validation-bounces at cabforum.org] On Behalf Of Ben Wilson via Validation
Sent: Thursday, June 29, 2017 11:09 AM
To: CA/Browser Forum Validation WG List
Subject: Re: [cabf_validation] [cabfpub] Four sets of changes for proposed ballots

These all look good.  Let’s prepare ballots.

From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Peter Bowen via Public
Sent: Sunday, June 18, 2017 3:52 PM
To: CA/Browser Forum Public Discussion List <public at cabforum.org<mailto:public at cabforum.org>>
Cc: Peter Bowen <pzb at amzn.com<mailto:pzb at amzn.com>>
Subject: [cabfpub] Four sets of changes for proposed ballots

I’ve promised a bunch of people to propose changes and fell rather behind.  So now I’ve got four sets of changes that need review for possible ballots:

https://github.com/cabforum/documents/compare/master...pzb:dnqualifier?expand=1<https://scanmail.trustwave.com/?c=4062&d=opjV2TYCy12KnXn8gnAiO_61GFyRJu3Wpb-uioBANA&s=5&u=https%3a%2f%2fgithub%2ecom%2fcabforum%2fdocuments%2fcompare%2fmaster%2e%2e%2epzb%3adnqualifier%3fexpand%3d1> adds dnQualifier as an allowed attribute for all certificate types (including DV)

https://github.com/cabforum/documents/compare/master...pzb:evj-asn?expand=1<https://scanmail.trustwave.com/?c=4062&d=opjV2TYCy12KnXn8gnAiO_61GFyRJu3Wpb742dBHMw&s=5&u=https%3a%2f%2fgithub%2ecom%2fcabforum%2fdocuments%2fcompare%2fmaster%2e%2e%2epzb%3aevj-asn%3fexpand%3d1> adds ASN.1 info on the EV jurisdiction attribute types

https://github.com/cabforum/documents/compare/master...pzb:ev-liability?expand=1<https://scanmail.trustwave.com/?c=4062&d=opjV2TYCy12KnXn8gnAiO_61GFyRJu3WpeT92NURYQ&s=5&u=https%3a%2f%2fgithub%2ecom%2fcabforum%2fdocuments%2fcompare%2fmaster%2e%2e%2epzb%3aev-liability%3fexpand%3d1> adds language to the EV guidelines to clarify that CAs may limit their aggregate liabilities

https://github.com/cabforum/documents/compare/master...pzb:underscores?expand=1<https://scanmail.trustwave.com/?c=4062&d=opjV2TYCy12KnXn8gnAiO_61GFyRJu3Wpbb5jNcVYQ&s=5&u=https%3a%2f%2fgithub%2ecom%2fcabforum%2fdocuments%2fcompare%2fmaster%2e%2e%2epzb%3aunderscores%3fexpand%3d1> allows underscores in domain names and clarifies what can go in common names.  This builds on Ben Wilson’s draft (thanks Ben!)

I still need to update the proposal to add SRVname as an allowed type of subject alternative name.  This will be a separate ballot.

I would appreciate feedback on any or all of these.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20170703/f2816e58/attachment.html>

More information about the Validation mailing list