Unintentional, and thanks for calling it out. I don’t have strong feelings on the issue and agree broader participation is a useful goal, especially before requirements exist. Certificate Consumers can, and I expect will, have their own opinions on what audits are appropriate and necessary once they adopt the requirements. Do you have a proposed fix?
-Tim From: Ryan Sleevi <[email protected]> Sent: Sunday, April 19, 2020 4:41 PM To: Tim Hollebeek <[email protected]>; CABforum1 <[email protected]> Subject: Re: [cabfpub] Update about S/MIME Charter Looking through the resolved and unresolved aspects, the lack of feedback from you meant we still have one unaddressed matter in the draft: https://github.com/cabforum/documents/pull/167/files#r392389077 - The proposed draft charter forbids any CA from participating unless they already have particular audit schemes, despite this document not yet existing nor being incorporated into audit frameworks. This has been repeatedly raised as an issue for the past year, and it would be useful to know whether or not this is intentionally not being addressed. It does seem that there doesn't need to be restrictions on CA membership until such a document is produced (see also https://cabforum.org/pipermail/public/2020-March/014917.html )
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
