Apple votes Abstain. Curt
> On Feb 20, 2017, at 11:56 AM, Wayne Thayer via Public <[email protected]> > wrote: > > GoDaddy votes No. > > Our primary reasons for voting against are: > There was no attempt to build consensus around this ballot. While we > recognize that it takes a concrete proposal to spur action, we don’t believe > the discussion was constructive or that nearly enough time was allowed to > find common ground. > The 6-month deadline in the revised ballot represents consensus on how long > CAs should need to implement a change of this sort, but allowing more time > for planning can minimize the impact to all involved. For example: > Giving large companies time to plan and budget for better automation or more > resources. > Getting the word out to resellers who also need to notify their customers and > make changes to their systems. > Allowing CAs time to work with customers to fulfill or modify prior > obligations such as enterprise contracts, retail sales of new multi-year > certificates, or reissuance of multi-year certificates. > We’d like to understand the specific concerns driving the tight timeline and > weigh them against the benefits gained from a moderately later effective date. > > Thanks, > > Wayne > > From: Public [mailto:[email protected] > <mailto:[email protected]>] On Behalf Of Ryan Sleevi via Public > Sent: Monday, February 13, 2017 12:18 PM > To: CABFPub <[email protected] <mailto:[email protected]>> > Cc: Ryan Sleevi <[email protected] <mailto:[email protected]>> > Subject: [cabfpub] Ballot 185 (Revised) - Limiting the Lifetime of > Certificates > > Pursuant to the consensus on > https://cabforum.org/pipermail/public/2017-February/009530.html > <https://cabforum.org/pipermail/public/2017-February/009530.html>about the > nature of changes during the discussion period, and the request from Gervase > on https://cabforum.org/pipermail/public/2017-February/009618.html > <https://cabforum.org/pipermail/public/2017-February/009618.html> to adjust > what represents the Baseline agreement, this adjusts the effective date from > 1 April to 24 August. While individual programs may choose to enact or > enforce requirements prior to that, as the Baseline Requirements capture the > effective point of common agreement of the bare minimum security levels, it > seems appropriate that this Ballot accurately reflect that. > > > Ballot 185 - Limiting the Lifetime of Certificates > > The following motion has been proposed by Ryan Sleevi of Google, Inc and > endorsed by Josh Aas of ISRG and Gervase Markham of Mozilla to introduce new > Final Maintenance Guidelines for the "Baseline Requirements Certificate > Policy for the Issuance and Management of Publicly-Trusted Certificates" and > the "Guidelines for the Issuance and Management of Extended Validation > Certificates" > > -- MOTION BEGINS -- > Modify Section 6.3.2 of the "Baseline Requirements Certificate Policy for the > Issuance and Management of Publicly-Trusted Certificates" as follows: > > Replace Section 6.3.2, which reads as follows: > """ > 6.3.2. Certificate Operational Periods and Key Pair Usage Periods > > Subscriber Certificates issued after the Effective Date MUST have a Validity > Period no greater than 60 months. > Except as provided for below, Subscriber Certificates issued after 1 April > 2015 MUST have a Validity Period > no greater than 39 months. > > Until 30 June 2016, CAs MAY continue to issue Subscriber Certificates with a > Validity Period greater than 39 > months but not greater than 60 months provided that the CA documents that the > Certificate is for a system or > software that: > (a) was in use prior to the Effective Date; > (b) is currently in use by either the Applicant or a substantial number of > Relying Parties; > (c) fails to operate if the Validity Period is shorter than 60 months; > (d) does not contain known security risks to Relying Parties; and > (e) is difficult to patch or replace without substantial economic outlay > """ > > with the following text: > """ > 6.3.2. Certificate Operational Periods and Key Pair Usage Periods > > Subscriber Certificates issued on or after 24 August 2017 MUST NOT have a > Validity Period greater than three hundred and ninety-eight (398) days. > > Subscriber Certificates issued prior to 24 August 2017 MUST NOT have a > Validity Period greater than thirty-nine (39) months. > """ > > Modify Section 9.4 of the "Guidelines for the Issuance and Management of > Extended Validation Certificates" as follows: > > Replace Section 9.4, which reads as follows: > """ > 9.4. Maximum Validity Period For EV Certificate > > The validity period for an EV Certificate SHALL NOT exceed twenty seven > months. It is RECOMMENDED that EV > Subscriber Certificates have a maximum validity period of twelve months. > """ > > with the following text: > """" > 9.4 Maximum Validity Period for EV Certificate > > EV Certificates issued on or after 24 August 2017 MUST NOT have a Validity > Period greater than three hundred and ninety-eight (398) days. > > EV Certificates issued prior to 24 August 2017 MUST NOT have a Validity > Period greater than twenty seven (27) months. > """ > -- MOTION ENDS -- > > Ballot 185 - Limiting the Lifetime of Certificates > Status: Final Maintenance Guideline > > Review Period: > Start Time: 2017-02-10 00:00:00 UTC > End Time: 2017-02-17 00:00:00 UTC > > Vote for Approval: > Start Time: 2017-02-17 00:00:00 UTC > End Time: 2017-02-24 00:00:00 UTC > > Votes must be cast by posting an on-list reply to this thread on the Public > Mail List. > > A vote in favor of the ballot must indicate a clear 'yes' in the response. A > vote against must indicate a clear 'no' in the response. A vote to abstain > must indicate a clear 'abstain' in the response. Unclear responses will not > be counted. The latest vote received from any representative of a voting > Member before the close of the voting period will be counted. Voting Members > are listed here:https://cabforum.org/members/ <https://cabforum.org/members/> > > In order for the ballot to be adopted, two thirds or more of the votes cast > by Members in the CA category and greater than 50% of the votes cast by > members in the browser category must be in favor. > _______________________________________________ > Public mailing list > [email protected] <mailto:[email protected]> > https://cabforum.org/mailman/listinfo/public > <https://cabforum.org/mailman/listinfo/public>
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
