[cabf_validation] F2F Topics

Rick Andrews Rick_Andrews at symantec.com
Fri Mar 17 10:55:53 MST 2017


Cool; thanks. I missed that.

-----Original Message-----
From: Peter Bowen [mailto:pzb at amzn.com] 
Sent: Friday, March 17, 2017 10:51 AM
To: CA/Browser Forum Validation WG List <validation at cabforum.org>
Cc: Rick Andrews <Rick_Andrews at symantec.com>
Subject: Re: [cabf_validation] F2F Topics

Rick,

For #11, it was already raised on the public list (https://clicktime.symantec.com/a/1/HVLx1ZHOOb6OlC03FbQccCnPFa90sc9oZo_cEgbRCSo=?d=nKIjxXbifa6A2hGw3JU2PTxEHkOOEaLt3gVz77gNBsyITEEOAtrykrH9xtNvCLg37DJGp-UVVi1-gxOcrlZZVhJuZH0UHCXNIK7vwgMmfRAlfNydLtWV3eKKGpqw563EFHliVlPpRtCBxa_t_FGPpTN7k7aWLRSCZ5eoo9FlDX57Ti1HIbuelodzDnNWbuZtvBM9d6lbIFaLcwihlwamM9JxEh0C4SJoyOsKYcjjXXEaryNMN2I05pXL_eYoXb57OPKH-S6fZ9aEC-Xb1N8bobCiHyjxxuVvW4dCSHRkJwDpozqSkuxAONYc4x1pRxG3xsnI2TqDUTr5LKj457AtVcasgYWhEqHsPX6YEHm0Cy9dmW6CJiyT672lp_uxhA%3D%3D&u=https%3A%2F%2Fcabforum.org%2Fpipermail%2Fpublic%2F2017-February%2F009807.html) that revocation should be required, based on a conversation I had with Kirk.  At least three CAs (Actalis, Entrust, and WoSign) have expressed support for the idea of requiring "seek out and revoke all such certs”

Thanks,
Peter

> On Mar 17, 2017, at 10:42 AM, Rick Andrews via Validation <validation at cabforum.org> wrote:
> 
> Jeremy, thanks for pulling this together. One nit: It’s ASN.1, not ANS.1. But more substantial: this is a long agenda, I suggest we try to prioritize because we’re unlikely to get through it all.
>  
> The ones of most interest to me are 1, 12, 4 and 6.
>  
> I also want to point out that unlike our biweekly VWG calls, the browsers are likely to be sitting in and listening/participating to our discussions. Caveat emptor. We may want to avoid discussing #11, lest the browsers agree it’s a great idea to force us to seek out and revoke all such certs.
>  
> -Rick
>  
> From: Validation [mailto:validation-bounces at cabforum.org] On Behalf Of Jeremy Rowley via Validation
> Sent: Friday, March 17, 2017 10:09 AM
> To: CA/Browser Forum Validation WG List <validation at cabforum.org>
> Cc: Jeremy Rowley <jeremy.rowley at digicert.com>
> Subject: [cabf_validation] F2F Topics
>  
> Hi all, 
>  
> I’m gathering the topics for the validation WG face to face coming up. Here’s what I have:
>  
> 1.       Ballot 190 – Waiting for one more endorser
> 2.       Ballot 191 – Waiting for endorsers
> 3.       Ballot 192 – Waiting for feedback from Doug
> 4.       Use of RAs in validation
> a.       Translators
> b.      Document providers
> c.       Document verifiers
> d.      Issuance approvers
> 5.       IP Address validation document revision
> 6.       HTTP validation discussion
> 7.       Contents of subordinate certificates (CN field ballot creation)
> 8.       ANS.1 ballot creation
> 9.       Permitting other addresses (such as PO boxes) in certificates
> 10.   Getting rid of address of existence from the BRs.
> 11.   What should we do about old OV certs? 
> 12.   Ballot to add the remaining methods into the BRs (revisions to 169)
>  
> Let me know if there’s anything you’d like to add. Thanks!
>  
> Jeremy
> _______________________________________________
> Validation mailing list
> Validation at cabforum.org
> https://clicktime.symantec.com/a/1/OFWso1_mu9Od0Ug0Jk4ch0MZA518r8bVEcGSuiURUs8=?d=nKIjxXbifa6A2hGw3JU2PTxEHkOOEaLt3gVz77gNBsyITEEOAtrykrH9xtNvCLg37DJGp-UVVi1-gxOcrlZZVhJuZH0UHCXNIK7vwgMmfRAlfNydLtWV3eKKGpqw563EFHliVlPpRtCBxa_t_FGPpTN7k7aWLRSCZ5eoo9FlDX57Ti1HIbuelodzDnNWbuZtvBM9d6lbIFaLcwihlwamM9JxEh0C4SJoyOsKYcjjXXEaryNMN2I05pXL_eYoXb57OPKH-S6fZ9aEC-Xb1N8bobCiHyjxxuVvW4dCSHRkJwDpozqSkuxAONYc4x1pRxG3xsnI2TqDUTr5LKj457AtVcasgYWhEqHsPX6YEHm0Cy9dmW6CJiyT672lp_uxhA%3D%3D&u=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fvalidation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5725 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/validation/attachments/20170317/e6a21e81/attachment.bin>


More information about the Validation mailing list