Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Frank Corday via Public]

Trustwave votes YES to Ballot SC10

From: Public mailto:public-boun...@cabforum.org>> 
On Behalf Of Kirk Hall via Public
Sent: Thursday, September 27, 2018 5:26 PM
To: CABFPub mailto:public@cabforum.org>>
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

Voting ends on 4 October 2018 at 22:00 UTC.

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 
mailto:servercert...@cabforum.org>>
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Purpose of Ballot
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
--- MOTION BEGINS ---
The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG
3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.
4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list.
5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.
6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.
7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.
--- MOTION ENDS ---


The procedure for approval of this ballot is as follows:
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


Start time (22:00 UTC)


End time (22:00 UTC)


Discussion (7 days)


20 September 2018


27 September 2018


Vote for approval (7 days)


27 September 2018


4 October 2018


Additional Information (not part of Ballot)
Bylaws v1.9
5.3.1 Formation of Chartered Working Groups
(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

Ballot 203: Formation of Network Security Working Group (v2)



Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.



The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:



-- MOTION BEGINS –



In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.



The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:



Scope



1. Consider options for revising, 

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[realsky(CHT) via Public]

Chunghwa Telecom votes YES on Ballot SC10.

Thanks!

   Li-Chun Chen



From: Public mailto:public-bounces at 
cabforum.org>> On Behalf Of Kirk Hall via Public
Sent: Thursday, September 27, 2018 5:26 PM
To: CABFPub mailto:public at cabforum.org>>
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

Voting ends on 4 October 2018 at 22:00 UTC.

From: Servercert-wg [mailto:servercert-wg-bounces at cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List mailto:servercert-wg at cabforum.org>>
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Purpose of Ballot
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
--- MOTION BEGINS ---
The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG
3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.
4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list.
5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.
6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.
7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.
--- MOTION ENDS ---


The procedure for approval of this ballot is as follows:
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


Start time (22:00 UTC)


End time (22:00 UTC)


Discussion (7 days)


20 September 2018


27 September 2018


Vote for approval (7 days)


27 September 2018


4 October 2018




本信件可能包含中華電信股份有限公司機密資訊,非指定之收件者,請勿蒐集、處理或利用本信件內容,並請銷毀此信件. 
如為指定收件者,應確實保護郵件中本公司之營業機密及個人資料,不得任意傳佈或揭露,並應自行確認本郵件之附檔與超連結之安全性,以共同善盡資訊安全與個資保護責任. 
Please be advised that this email message (including any attachments) contains 
confidential information and may be legally privileged. If you are not the 
intended recipient, please destroy this message and all attachments from your 
system and do not further collect, process, or use them. Chunghwa Telecom and 
all its subsidiaries and associated companies shall not be liable for the 
improper or incomplete transmission of the information contained in this email 
nor for any delay in its receipt or damage to your system. If you are the 
intended recipient, please protect the confidential and/or personal information 
contained in this email with due care. Any unauthorized use, disclosure or 
distribution of this message in whole or in part is strictly prohibited. Also, 
please self-inspect attachments and hyperlinks contained in this email to 
ensure the information security and to protect personal information.


___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Christopher Kemmerer via Public]

SSL.com votes YES.

- csk

On 9/27/2018 7:25 PM, Kirk Hall via Public wrote:


Voting ends on 4 October 2018 at 22:00 UTC.

*From:*Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] *On 
Behalf Of *Dimitris Zacharopoulos via Servercert-wg

*Sent:* Thursday, September 20, 2018 9:02 AM
*To:* CA/B Forum Server Certificate WG Public Discussion List 

*Subject:* [Servercert-wg] Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG



  Ballot SC10 – Establishing the Network Security Subcommittee of
  the SCWG


  Purpose of Ballot

The Network Security Working Group of the CA/Browser Forum expired on 
June 19, 2018 under the terms of Ballot 203 which established the 
Working Group. The Server Certificate Working Group wishes to 
establish a Network Security Subcommittee pursuant to Bylaws 5.3.1(e).


The following motion has been proposed by Dimitris Zacharopoulos of 
HARICA and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of 
Mozilla.**


*--- MOTION BEGINS ---*

The Server Certificate Working Group hereby establishes the *Network 
Security Subcommittee* as an official Subcommittee.


*1. Mission: *To improve security policies and practices for 
Certificate Management Systems encoded in the guidelines maintained by 
the SCWG.


*
2. End Date: *This Subcommittee shall continue until it is dissolved 
by a vote of the SCWG


*3. Deliverables: *The Network Security Subcommittee shall propose 
ballots to the SCWG to improve the minimal security standards within 
the mission defined above This includes modifying the existing Network 
and Certificate System Security Requirements (NCSSR) or to create new 
requirements, guidelines, or best practices. Among other activities, 
the Network Security Subcommittee shall perform security analysis on 
typical CA Management Systems offering options to the Server 
Certificate Working Group for establishing minimal security standards. 
Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This 
process can be used to provide better reasoning and justification of 
existing or future security guidelines.


*4. Participation: *Any member of the SCWG is eligible and may declare 
their participation in the Network Security Subcommittee by requesting 
to be added to the mailing list.


*5. Chair: *Ben Wilson**shall be the initial Chair of the Network 
Security Subcommittee.  The Subcommittee may change its Chair from 
time to time by consensus of the Members participating in the 
Subcommittee or by voting method chosen by the Members by consensus.


*6. Communication: *Subcommittee communications and documents shall be 
posted on mailing-lists where the mail-archives are publicly 
accessible, and the Subcommittee shall publish minutes of its meetings.


*7. Effect of SCWG Charter or Forum Bylaws Amendment for 
Subcommittees: *In the event the SCWG Charter or the Forum Bylaws is 
amended to add general rules governing Chartered Working Group 
Subcommittees and how they operate (“General Rules”), the provisions 
of the General Rules shall take precedence over this charter.


*--- MOTION ENDS ---*

The procedure for approval of this ballot is as follows:

*Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG*



*Start time (22:00 UTC)*



*End time (22:00 UTC)*

Discussion (7 days)



20 September 2018



27 September 2018

Vote for approval (7 days)



27 September 2018



4 October 2018


  Additional Information (not part of Ballot)

*Bylaws v1.9*


5.3.1 Formation of Chartered Working Groups

(e) CWGs may establish any number of subcommittees within its own 
Working Group to address any of such CWG’s business (each, a 
“Subcommittee”). A CWG-created Subcommittee needs to be approved by 
the CWG itself according to the approval process set forth in the CWG 
charter, but approval of the Forum is not necessary. Subcommittees 
must exist under an approved CWG.


*Ballot 203: Formation of Network Security Working Group (v2)*

Purpose of Ballot: To form a Network Security Working Group to 
re-evaluate the CAB Forum's Network Security Guidelines.


The following motion has been proposed by Gervase Markham of Mozilla 
and endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:


-- MOTION BEGINS –

In accordance with Section 5.3 of the CA/B Forum Bylaws, the 
chartering of a new Working Group requires a ballot. This ballot 
charters the Network Security Working Group.


The CAB Forum's Network Security Guidelines were adopted in August 
2012 but have not been updated since. Significant doubts have been 
raised as to their fitness for purpose in 2017. Therefore, the Working 
Group’s charter will be as follows:


Scope

1. Consider options for revising, replacing or scrapping the Network 
Security Guidelines.


Deliverables

1. A report with one or more proposals for the 

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Stephen Davidson via Public]

WISeKey QuoVadis votes yes on Ballot SC10.
Regards, Stephen



From: Public mailto:public-boun...@cabforum.org>> 
On Behalf Of Kirk Hall via Public
Sent: Thursday, September 27, 2018 5:26 PM
To: CABFPub mailto:public@cabforum.org>>
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

Voting ends on 4 October 2018 at 22:00 UTC.

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 
mailto:servercert...@cabforum.org>>
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Purpose of Ballot
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
--- MOTION BEGINS ---
The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG
3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.
4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list.
5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.
6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.
7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.
--- MOTION ENDS ---


The procedure for approval of this ballot is as follows:
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


Start time (22:00 UTC)


End time (22:00 UTC)


Discussion (7 days)


20 September 2018


27 September 2018


Vote for approval (7 days)


27 September 2018


4 October 2018


Additional Information (not part of Ballot)
Bylaws v1.9
5.3.1 Formation of Chartered Working Groups
(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

Ballot 203: Formation of Network Security Working Group (v2)



Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.



The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:



-- MOTION BEGINS –



In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.



The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:



Scope



1. 

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Mike Reilly (GRC) via Public]

Microsoft votes YES.  Thanks, Mike

From: Public  On Behalf Of Kirk Hall via Public
Sent: Thursday, September 27, 2018 5:26 PM
To: CABFPub 
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

Voting ends on 4 October 2018 at 22:00 UTC.

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 
mailto:servercert...@cabforum.org>>
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Purpose of Ballot
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
--- MOTION BEGINS ---
The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG
3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.
4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list.
5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.
6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.
7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.
--- MOTION ENDS ---


The procedure for approval of this ballot is as follows:
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


Start time (22:00 UTC)


End time (22:00 UTC)


Discussion (7 days)


20 September 2018


27 September 2018


Vote for approval (7 days)


27 September 2018


4 October 2018


Additional Information (not part of Ballot)
Bylaws v1.9
5.3.1 Formation of Chartered Working Groups
(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

Ballot 203: Formation of Network Security Working Group (v2)



Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.



The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:



-- MOTION BEGINS –



In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.



The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:



Scope



1. Consider options for revising, replacing or scrapping the Network Security 
Guidelines.

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Jos Purvis (jopurvis) via Public]

Cisco votes YES on SC-10.

 

 

-- 
Jos Purvis (jopur...@cisco.com)
.:|:.:|:. cisco systems  | Cryptographic Services
PGP: 0xFD802FEE07D19105  | +1 919.991.9114 (desk)

 

 

From: Public  on behalf of CA/B Forum Public List 

Reply-To: Kirk Hall , CA/B Forum Public List 

Date: Thursday, 27 September, 2018 at 20:25 
To: CA/B Forum Public List 
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

 

Voting ends on 4 October 2018 at 22:00 UTC.

 

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 

Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG
 
Purpose of Ballot 
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).

The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.

--- MOTION BEGINS ---

The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG. 


2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG

3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.

4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list. 

5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.  

6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.

7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.

--- MOTION ENDS ---

 

The procedure for approval of this ballot is as follows: 

Ballot SC10 – Establishing the Network Security Subcommittee of the SCWGStart 
time (22:00 UTC) End time (22:00 UTC) 
Discussion (7 days) 20 September 2018 27 September 2018 
Vote for approval (7 days) 27 September 2018 4 October 2018 

  
Additional Information (not part of Ballot)
Bylaws v1.9
5.3.1 Formation of Chartered Working Groups
(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

 

Ballot 203: Formation of Network Security Working Group (v2) 

 

Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.

 

The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:

 

-- MOTION BEGINS –

 

In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.

 

The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Doug Beattie via Public]

 

GlobalSign votes yes  on Ballot SC10.

 

Doug

 

On Thu, Sep 27, 2018 at 5:26 PM Kirk Hall via Public mailto:public@cabforum.org> > wrote:

Voting ends on 4 October 2018 at 22:00 UTC.

 

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org 
 ] On Behalf Of Dimitris 
Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 
mailto:servercert...@cabforum.org> >
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG


Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


 


Purpose of Ballot 


The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).

The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.

--- MOTION BEGINS ---

The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG. 


2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG

3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.

4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list. 

5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.  

6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.

7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.

--- MOTION ENDS ---

 

The procedure for approval of this ballot is as follows: 


Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Start time (22:00 UTC) 

End time (22:00 UTC) 


Discussion (7 days) 

20 September 2018 

27 September 2018 


Vote for approval (7 days) 

27 September 2018 

4 October 2018 

  


Additional Information (not part of Ballot)


Bylaws v1.9


5.3.1 Formation of Chartered Working Groups


(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

 

Ballot 203: Formation of Network Security Working Group (v2) 

 

Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.

 

The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:

 

-- MOTION BEGINS –

 

In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.

 

The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:

 

Scope

 

1. Consider options for revising, replacing or scrapping the Network Security 
Guidelines.

 

Deliverables

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Silva, Marcelo via Public]

Visa votes Yes on ballot SC10.

Thanks,
Marcelo


From: Public  On Behalf Of Kirk Hall via Public
Sent: Thursday, September 27, 2018 8:26 PM
To: CABFPub 
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

Voting ends on 4 October 2018 at 22:00 UTC.

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 
mailto:servercert...@cabforum.org>>
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Purpose of Ballot
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
--- MOTION BEGINS ---
The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG
3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.
4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list.
5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.
6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.
7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.
--- MOTION ENDS ---


The procedure for approval of this ballot is as follows:
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


Start time (22:00 UTC)


End time (22:00 UTC)


Discussion (7 days)


20 September 2018


27 September 2018


Vote for approval (7 days)


27 September 2018


4 October 2018


Additional Information (not part of Ballot)
Bylaws v1.9
5.3.1 Formation of Chartered Working Groups
(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

Ballot 203: Formation of Network Security Working Group (v2)



Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.



The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:



-- MOTION BEGINS –



In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.



The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:



Scope



1. Consider options for revising, replacing or scrapping the Network Security 

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Wayne Thayer via Public]

Mozilla votes Yes on ballot SC10.

- Wayne

On Thu, Sep 27, 2018 at 5:26 PM Kirk Hall via Public 
wrote:

> Voting ends on 4 October 2018 at 22:00 UTC.
>
>
>
> *From:* Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] *On
> Behalf Of *Dimitris Zacharopoulos via Servercert-wg
> *Sent:* Thursday, September 20, 2018 9:02 AM
> *To:* CA/B Forum Server Certificate WG Public Discussion List <
> servercert...@cabforum.org>
> *Subject:* [Servercert-wg] Ballot SC10 – Establishing the Network
> Security Subcommittee of the SCWG
> Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG
> Purpose of Ballot
>
> The Network Security Working Group of the CA/Browser Forum expired on June
> 19, 2018 under the terms of Ballot 203 which established the Working Group.
> The Server Certificate Working Group wishes to establish a Network Security
> Subcommittee pursuant to Bylaws 5.3.1(e).
>
> The following motion has been proposed by Dimitris Zacharopoulos of HARICA
> and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
>
> *--- MOTION BEGINS ---*
>
> The Server Certificate Working Group hereby establishes the *Network
> Security Subcommittee* as an official Subcommittee.
>
> *1. Mission: *To improve security policies and practices for Certificate
> Management Systems encoded in the guidelines maintained by the SCWG.
>
>
> * 2. End Date: *This Subcommittee shall continue until it is dissolved by
> a vote of the SCWG
>
> *3. Deliverables: *The Network Security Subcommittee shall propose
> ballots to the SCWG to improve the minimal security standards within the
> mission defined above This includes modifying the existing Network and
> Certificate System Security Requirements (NCSSR) or to create new
> requirements, guidelines, or best practices. Among other activities, the
> Network Security Subcommittee shall perform security analysis on typical CA
> Management Systems offering options to the Server Certificate Working Group
> for establishing minimal security standards. Risk analysis will also be
> used to provide a better understanding of threats and vulnerabilities in
> Certificate Management Systems. This process can be used to provide better
> reasoning and justification of existing or future security guidelines.
>
> *4. Participation: *Any member of the SCWG is eligible and may declare
> their participation in the Network Security Subcommittee by requesting to
> be added to the mailing list.
>
> *5. Chair: *Ben Wilson shall be the initial Chair of the Network Security
> Subcommittee.  The Subcommittee may change its Chair from time to time by
> consensus of the Members participating in the Subcommittee or by voting
> method chosen by the Members by consensus.
>
> *6. Communication: *Subcommittee communications and documents shall be
> posted on mailing-lists where the mail-archives are publicly accessible,
> and the Subcommittee shall publish minutes of its meetings.
>
> *7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: *In
> the event the SCWG Charter or the Forum Bylaws is amended to add general
> rules governing Chartered Working Group Subcommittees and how they operate
> (“General Rules”), the provisions of the General Rules shall take
> precedence over this charter.
>
> *--- MOTION ENDS ---*
>
>
>
> The procedure for approval of this ballot is as follows:
>
> *Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG*
>
> *Start time (22:00 UTC)*
>
> *End time (22:00 UTC)*
>
> Discussion (7 days)
>
> 20 September 2018
>
> 27 September 2018
>
> Vote for approval (7 days)
>
> 27 September 2018
>
> 4 October 2018
>
>
> Additional Information (not part of Ballot)
>
> *Bylaws v1.9*
> 5.3.1 Formation of Chartered Working Groups
>
> (e) CWGs may establish any number of subcommittees within its own Working
> Group to address any of such CWG’s business (each, a “Subcommittee”). A
> CWG-created Subcommittee needs to be approved by the CWG itself according
> to the approval process set forth in the CWG charter, but approval of the
> Forum is not necessary. Subcommittees must exist under an approved CWG.
>
>
>
> *Ballot 203: Formation of Network Security Working Group (v2)*
>
>
>
> Purpose of Ballot: To form a Network Security Working Group to re-evaluate
> the CAB Forum's Network Security Guidelines.
>
>
>
> The following motion has been proposed by Gervase Markham of Mozilla and
> endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:
>
>
>
> -- MOTION BEGINS –
>
>
>
> In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of
> a new Working Group requires a ballot. This ballot charters the Network
> Security Working Group.
>
>
>
> The CAB Forum's Network Security Guidelines were adopted in August 2012
> but have not been updated since. Significant doubts have been raised as to
> their fitness for purpose in 2017. Therefore, the Working Group’s charter
> will be as follows:
>
>
>
> Scope
>
>
>
> 1. Consider options for 

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Neil Dunbar via Public]

TrustCor votes YES on ballot SC10

Regards,

Neil

> On 28 Sep 2018, at 01:25, Kirk Hall via Public  wrote:
> 
> Voting ends on 4 October 2018 at 22:00 UTC.
>  
> From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org 
> ] On Behalf Of Dimitris 
> Zacharopoulos via Servercert-wg
> Sent: Thursday, September 20, 2018 9:02 AM
> To: CA/B Forum Server Certificate WG Public Discussion List 
> mailto:servercert...@cabforum.org>>
> Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
> Subcommittee of the SCWG
> Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG
> 
>  
> 
> Purpose of Ballot
> 
> The Network Security Working Group of the CA/Browser Forum expired on June 
> 19, 2018 under the terms of Ballot 203 which established the Working Group. 
> The Server Certificate Working Group wishes to establish a Network Security 
> Subcommittee pursuant to Bylaws 5.3.1(e).
> The following motion has been proposed by Dimitris Zacharopoulos of HARICA 
> and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
> --- MOTION BEGINS ---
> The Server Certificate Working Group hereby establishes the Network Security 
> Subcommittee as an official Subcommittee.
> 
> 1. Mission: To improve security policies and practices for Certificate 
> Management Systems encoded in the guidelines maintained by the SCWG.
> 
> 2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
> of the SCWG
> 3. Deliverables: The Network Security Subcommittee shall propose ballots to 
> the SCWG to improve the minimal security standards within the mission defined 
> above This includes modifying the existing Network and Certificate System 
> Security Requirements (NCSSR) or to create new requirements, guidelines, or 
> best practices. Among other activities, the Network Security Subcommittee 
> shall perform security analysis on typical CA Management Systems offering 
> options to the Server Certificate Working Group for establishing minimal 
> security standards. Risk analysis will also be used to provide a better 
> understanding of threats and vulnerabilities in Certificate Management 
> Systems. This process can be used to provide better reasoning and 
> justification of existing or future security guidelines.
> 4. Participation: Any member of the SCWG is eligible and may declare their 
> participation in the Network Security Subcommittee by requesting to be added 
> to the mailing list.
> 5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
> Subcommittee.  The Subcommittee may change its Chair from time to time by 
> consensus of the Members participating in the Subcommittee or by voting 
> method chosen by the Members by consensus. 
> 6. Communication: Subcommittee communications and documents shall be posted 
> on mailing-lists where the mail-archives are publicly accessible, and the 
> Subcommittee shall publish minutes of its meetings.
> 7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
> event the SCWG Charter or the Forum Bylaws is amended to add general rules 
> governing Chartered Working Group Subcommittees and how they operate 
> (“General Rules”), the provisions of the General Rules shall take precedence 
> over this charter.
> --- MOTION ENDS ---
>  
> The procedure for approval of this ballot is as follows:
> 
> Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG
> Start time (22:00 UTC)
> 
> End time (22:00 UTC)
> 
> Discussion (7 days)
> 
> 20 September 2018
> 
> 27 September 2018
> 
> Vote for approval (7 days)
> 
> 27 September 2018
> 
> 4 October 2018
> 
>  
> Additional Information (not part of Ballot)
> Bylaws v1.9
> 5.3.1 Formation of Chartered Working Groups
> (e) CWGs may establish any number of subcommittees within its own Working 
> Group to address any of such CWG’s business (each, a “Subcommittee”). A 
> CWG-created Subcommittee needs to be approved by the CWG itself according to 
> the approval process set forth in the CWG charter, but approval of the Forum 
> is not necessary. Subcommittees must exist under an approved CWG.
>  
> Ballot 203: Formation of Network Security Working Group (v2)
>  
> Purpose of Ballot: To form a Network Security Working Group to re-evaluate 
> the CAB Forum's Network Security Guidelines.
>  
> The following motion has been proposed by Gervase Markham of Mozilla and 
> endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:
>  
> -- MOTION BEGINS –
>  
> In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
> new Working Group requires a ballot. This ballot charters the Network 
> Security Working Group.
>  
> The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
> have not been updated since. Significant doubts have been raised as to their 
> fitness for purpose in 2017. Therefore, the Working Group’s charter will be 
> as follows:
>  

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Hornemann, Leyla via Public]

D-TRUST votes "YES" to Ballot SC10.
Regards
Leyla

Von: Public [mailto:public-boun...@cabforum.org] Im Auftrag von Kirk Hall via 
Public
Gesendet: Freitag, 28. September 2018 02:26
An: CABFPub 
Betreff: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

Voting ends on 4 October 2018 at 22:00 UTC.

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 
mailto:servercert...@cabforum.org>>
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Purpose of Ballot
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
--- MOTION BEGINS ---
The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG
3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.
4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list.
5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.
6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.
7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.
--- MOTION ENDS ---


The procedure for approval of this ballot is as follows:
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


Start time (22:00 UTC)


End time (22:00 UTC)


Discussion (7 days)


20 September 2018


27 September 2018


Vote for approval (7 days)


27 September 2018


4 October 2018


Additional Information (not part of Ballot)
Bylaws v1.9
5.3.1 Formation of Chartered Working Groups
(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

Ballot 203: Formation of Network Security Working Group (v2)



Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.



The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:



-- MOTION BEGINS –



In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.



The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:



Scope



1. Consider options for revising, replacing 

Re: [cabfpub] Voting has started on Ballot SC10 - Establishing the Network Security Subcommittee of the SCWG

[Ramiro Muñoz via Public]

AC CAMERFIRMA SA votes “YES” on Ballot SC10.

 

Ramiro Muñoz Muñoz 

AC Camerfirma SA.

CTO, Exploitation Manager, CISA.

+34 619 746 291 · rami...@camerfirma.com. 

https://www.linkedin.com/in/ramirom.



Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener
información CONFIDENCIAL, siendo para uso exclusivo del destinatario,
quedando prohibida su divulgación copia o distribución a terceros. Si Vd. ha
recibido este mensaje erróneamente, se ruega lo notifique al remitente y
proceda a su borrado.

De conformidad con lo establecido en el Reglamento UE 2016/679 de 27 de
abril de 2016 General de Protección de Datos, se le informa que la empresa
AC CAMERFIRMA, S.A. tratará la información que nos facilita con el exclusivo
fin de cumplir con las obligaciones derivadas de la relación comercial o
contractual adquirida con usted y que sus datos no podrán ser objeto de otro
tratamiento ni de cesión a terceros salvo en los casos en que exista una
obligación legal. 

Usted tiene derecho a obtener confirmación acerca del tratamiento de sus
datos personales, y a ejercer sus derechos de acceso, rectificación,
supresión, limitación y portabilidad en el tratamiento, dirigiéndose a AC
CAMERFIRMA, S.A., mediante comunicación escrita remitida a la dirección C/
Ribera del Loira 12 (28042) Madrid, o a la dirección electrónica
jurid...@camerfirma.com o a través de la web de incidencias disponible en la
página web  
http://webcrm.camerfirma.com/incidencias/incidencias.php

 

[EN]

This message, and if applicable, any file attached to it, may contain
CONFIDENTIAL information for the exclusive use of the recipient, being
prohibited its disclosure copy or distribution to third parties. If you have
received this message incorrectly, please notify the sender and proceed with
its deletion.

In accordance with the provisions of the EU Regulation 2016/679 of April 27,
2016 General Data Protection, you are informed that the company AC
CAMERFIRMA, S.A. will treat the information you provide us with the sole
purpose of complying with the obligations derived from the commercial or
contractual relationship acquired with you and that your data will not be
subject to another treatment or assignment to third parties except in cases
where there is an legal obligation.

You have the right to obtain confirmation about your personal data
treatement, and to exercise your rights of access, rectification, deletion,
limitation and portability, contacting AC CAMERFIRMA, SA, by written
communication sent to the address C / Ribera del Loira 12 (28042) Madrid, or
to the legal address jurid...@camerfirma.com or through the website

http://webcrm.camerfirma.com/incidencias/incidencias.php

 

 

From: Public mailto:public-boun...@cabforum.org> > On Behalf Of Kirk Hall via Public
Sent: Friday, September 28, 2018 8:26 AM
To: CABFPub mailto:public@cabforum.org> >
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the
Network Security Subcommittee of the SCWG

 

Voting ends on 4 October 2018 at 22:00 UTC.

 

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List
mailto:servercert...@cabforum.org> >
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security
Subcommittee of the SCWG


Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


 


Purpose of Ballot 


The Network Security Working Group of the CA/Browser Forum expired on June
19, 2018 under the terms of Ballot 203 which established the Working Group.
The Server Certificate Working Group wishes to establish a Network Security
Subcommittee pursuant to Bylaws 5.3.1(e).

The following motion has been proposed by Dimitris Zacharopoulos of HARICA
and endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.

--- MOTION BEGINS ---

The Server Certificate Working Group hereby establishes the Network Security
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate
Management Systems encoded in the guidelines maintained by the SCWG. 


2. End Date: This Subcommittee shall continue until it is dissolved by a
vote of the SCWG

3. Deliverables: The Network Security Subcommittee shall propose ballots to
the SCWG to improve the minimal security standards within the mission
defined above This includes modifying the existing Network and Certificate
System Security Requirements (NCSSR) or to create new requirements,
guidelines, or best practices. Among other activities, the Network Security
Subcommittee shall perform security analysis on typical CA Management
Systems offering options to the Server Certificate Working Group for
establishing minimal security 

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Robin.Lin]

TWCA votes “YES” on Ballot SC10.

Regards,
Robin Lin

From: Public  On Behalf Of Kirk Hall via Public
Sent: Friday, September 28, 2018 8:26 AM
To: CABFPub 
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

Voting ends on 4 October 2018 at 22:00 UTC.

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 
mailto:servercert...@cabforum.org>>
Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Purpose of Ballot
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
--- MOTION BEGINS ---
The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG
3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.
4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list.
5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.
6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.
7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.
--- MOTION ENDS ---


The procedure for approval of this ballot is as follows:
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


Start time (22:00 UTC)


End time (22:00 UTC)


Discussion (7 days)


20 September 2018


27 September 2018


Vote for approval (7 days)


27 September 2018


4 October 2018


Additional Information (not part of Ballot)
Bylaws v1.9
5.3.1 Formation of Chartered Working Groups
(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

Ballot 203: Formation of Network Security Working Group (v2)



Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.



The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:



-- MOTION BEGINS –



In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.



The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:



Scope



1. Consider options for revising, replacing or scrapping the Network Security 

Re: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Tim Hollebeek via Public]

DigiCert votes “YES” on Ballot SC10.

 

-Tim

 

From: Public  On Behalf Of Kirk Hall via Public
Sent: Thursday, September 27, 2018 5:26 PM
To: CABFPub 
Subject: [cabfpub] Voting has started on Ballot SC10 – Establishing the Network 
Security Subcommittee of the SCWG

 

Voting ends on 4 October 2018 at 22:00 UTC.

 

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 

Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG


Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


 


Purpose of Ballot 


The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).

The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.

--- MOTION BEGINS ---

The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG. 


2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG

3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.

4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list. 

5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.  

6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.

7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.

--- MOTION ENDS ---

 

The procedure for approval of this ballot is as follows: 


Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Start time (22:00 UTC) 

End time (22:00 UTC) 


Discussion (7 days) 

20 September 2018 

27 September 2018 


Vote for approval (7 days) 

27 September 2018 

4 October 2018 

  


Additional Information (not part of Ballot)


Bylaws v1.9


5.3.1 Formation of Chartered Working Groups


(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

 

Ballot 203: Formation of Network Security Working Group (v2) 

 

Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.

 

The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:

 

-- MOTION BEGINS –

 

In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.

 

The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:

 

Scope

 

1. Consider options for revising, replacing or scrapping the 

[cabfpub] Voting has started on Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

[Kirk Hall via Public]

Voting ends on 4 October 2018 at 22:00 UTC.

From: Servercert-wg [mailto:servercert-wg-boun...@cabforum.org] On Behalf Of 
Dimitris Zacharopoulos via Servercert-wg
Sent: Thursday, September 20, 2018 9:02 AM
To: CA/B Forum Server Certificate WG Public Discussion List 

Subject: [Servercert-wg] Ballot SC10 – Establishing the Network Security 
Subcommittee of the SCWG
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG

Purpose of Ballot
The Network Security Working Group of the CA/Browser Forum expired on June 19, 
2018 under the terms of Ballot 203 which established the Working Group. The 
Server Certificate Working Group wishes to establish a Network Security 
Subcommittee pursuant to Bylaws 5.3.1(e).
The following motion has been proposed by Dimitris Zacharopoulos of HARICA and 
endorsed by Tim Hollebeek of DigiCert and Wayne Thayer of Mozilla.
--- MOTION BEGINS ---
The Server Certificate Working Group hereby establishes the Network Security 
Subcommittee as an official Subcommittee.

1. Mission: To improve security policies and practices for Certificate 
Management Systems encoded in the guidelines maintained by the SCWG.

2. End Date: This Subcommittee shall continue until it is dissolved by a vote 
of the SCWG
3. Deliverables: The Network Security Subcommittee shall propose ballots to the 
SCWG to improve the minimal security standards within the mission defined above 
This includes modifying the existing Network and Certificate System Security 
Requirements (NCSSR) or to create new requirements, guidelines, or best 
practices. Among other activities, the Network Security Subcommittee shall 
perform security analysis on typical CA Management Systems offering options to 
the Server Certificate Working Group for establishing minimal security 
standards. Risk analysis will also be used to provide a better understanding of 
threats and vulnerabilities in Certificate Management Systems. This process can 
be used to provide better reasoning and justification of existing or future 
security guidelines.
4. Participation: Any member of the SCWG is eligible and may declare their 
participation in the Network Security Subcommittee by requesting to be added to 
the mailing list.
5. Chair: Ben Wilson shall be the initial Chair of the Network Security 
Subcommittee.  The Subcommittee may change its Chair from time to time by 
consensus of the Members participating in the Subcommittee or by voting method 
chosen by the Members by consensus.
6. Communication: Subcommittee communications and documents shall be posted on 
mailing-lists where the mail-archives are publicly accessible, and the 
Subcommittee shall publish minutes of its meetings.
7. Effect of SCWG Charter or Forum Bylaws Amendment for Subcommittees: In the 
event the SCWG Charter or the Forum Bylaws is amended to add general rules 
governing Chartered Working Group Subcommittees and how they operate (“General 
Rules”), the provisions of the General Rules shall take precedence over this 
charter.
--- MOTION ENDS ---


The procedure for approval of this ballot is as follows:
Ballot SC10 – Establishing the Network Security Subcommittee of the SCWG


Start time (22:00 UTC)


End time (22:00 UTC)


Discussion (7 days)


20 September 2018


27 September 2018


Vote for approval (7 days)


27 September 2018


4 October 2018


Additional Information (not part of Ballot)
Bylaws v1.9
5.3.1 Formation of Chartered Working Groups
(e) CWGs may establish any number of subcommittees within its own Working Group 
to address any of such CWG’s business (each, a “Subcommittee”). A CWG-created 
Subcommittee needs to be approved by the CWG itself according to the approval 
process set forth in the CWG charter, but approval of the Forum is not 
necessary. Subcommittees must exist under an approved CWG.

Ballot 203: Formation of Network Security Working Group (v2)



Purpose of Ballot: To form a Network Security Working Group to re-evaluate the 
CAB Forum's Network Security Guidelines.



The following motion has been proposed by Gervase Markham of Mozilla and 
endorsed by Jeremy Rowley of DigiCert and Moudrick Dadashov of SSC:



-- MOTION BEGINS –



In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a 
new Working Group requires a ballot. This ballot charters the Network Security 
Working Group.



The CAB Forum's Network Security Guidelines were adopted in August 2012 but 
have not been updated since. Significant doubts have been raised as to their 
fitness for purpose in 2017. Therefore, the Working Group’s charter will be as 
follows:



Scope



1. Consider options for revising, replacing or scrapping the Network Security 
Guidelines.



Deliverables

1. A report with one or more proposals for the future of the Network Security 
Guidelines.

2. For proposals involving replacement, details of the availability and 
applicability of the proposed alternative, and what modifications if any would 
be needed to it in order to make it