Ben let me know that there were questions about Ballot 190. The ballot was withdrawn and hasn't gone to vote yet because of Section 2:
"This provisions of Ballot Section 1 will apply only to the validation of domain names occurring after this Ballot 190's effective date. Validation of domain names that occurs before this Ballot's effective date and the resulting validation data may continue to be used for the periods specified in BR 4.2.1 and EVGL 11.14.3 so long as the validations were conducted in compliance with the BR Section 3.2.2.4 validation methods in effect at the time of each validation." I couldn't tell if the objection to this section was the section not being part of the Baseline Requirements or a general concern that CAs may have issued certificates using the "any other method" that will remain valid for potentially four years (for a re-issue that relies on a previous validation). Assuming the first issue is the primary concern, the following language was proposed in the validation working group for inclusion in the BRs: "Note: The changes to BR 3.2.2.4.1 through 3.2.2.4.10 will apply only to the validation of domain names occurring on or after [insert Ballot 190's effective date if it passes and completes its Review Period]. Validation of domain names that occurs before [insert Ballot 190's effective date if it passes and completes its Review Period] and the resulting validation data may continue to be used for the periods specified in BR 4.2.1 and EVGL 11.14.3 so long as the validations were conducted in compliance with the BR Section 3.2.2.4 validation methods in effect at the time of each validation." Rather than go through multiple iterations and have this ballot potentially fail, can we do a quick straw poll? 1. Does the proposed language resolve the previous concern with Ballot 190? 2. If not, should section 2 be dropped entirely. 3. If section 2 remains, would you vote against the ballot? 4. If section 2 was dropped, would you vote for the ballot? 5. Is there other language you'd prefer to see included instead? Jeremy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
