Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions

[Curt Spann via Public]

Apple votes YES.

Curt

> On Apr 19, 2017, at 11:03 AM, Kirk Hall via Public  
> wrote:
> 
> Ballot 197 – Effective Date of Ballot 193 Provisions
>  
> Recent Ballot 193 reduced the maximum period for certificates and for reuse 
> of vetting data for DV and OV certificates from 39 months to 825 days.  The 
> effective date for reducing the maximum validity period of certificates was 
> specified as March 1, 2018, but no effective date was specified for when the 
> reduction of the maximum period for reuse of vetting data becomes effective.
>  
> It was the intention of the authors of Ballot 193 that the effective date for 
> reducing the maximum period for reuse of vetting data under BR 4.2.1 would 
> also be March 1, 2018.  This ballot is intended to clarify that intention.  
> The ballot also makes these changes retroactive to the effective date of 
> Ballot 193 so there is no gap period.
>  
> Ballot 193 is in the Review Period (which will end on April 22, 2017), and 
> has not yet taken effect.  Bylaw 2.3 states that Ballots should include a 
> “redline or comparison showing the set of changes from the Final Guideline 
> section(s) intended to become a Final Maintenance Guideline” and that “[s]uch 
> redline or comparison shall be made against the Final Guideline section(s) as 
> they exist at the time a ballot is proposed”.
>  
> To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 
> will be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
> existed before Ballot 193 (which is as BR 4.2.1 exists at this time this 
> ballot is proposed), and also (2) a comparison of the changes to BR 4.2.1 as 
> it will exist after the Review Period for Ballot 193 is completed (assuming 
> no Exclusion Notices are filed).
>  
> The following motion has been proposed by Chris Bailey of Entrust Datacard 
> and endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to 
> introduce new Final Maintenance Guidelines for the "Baseline Requirements 
> Certificate Policy for the Issuance and Management of Publicly-Trusted 
> Certificates" (Baseline Requirements) and the "Guidelines for the Issuance 
> and Management of Extended Validation Certificates" (EV Guidelines).
>  
> -- MOTION BEGINS -- 
>  
> Ballot Section 1
>  
> BR 4.2.1 is amended to read as follows:
>  
> [Ballot amendments shown against BR 4.2.1 as it currently exists without the 
> changes adopted in Ballot 193]
>  
> BR 4.2.1. Performing Identification and Authentication Functions
>  
> The certificate request MAY include all factual information about the 
> Applicant to be included in the Certificate, and such additional information 
> as is necessary for the CA to obtain from the Applicant in order to comply 
> with these Requirements and the CA’s Certificate Policy and/or Certification 
> Practice Statement. In cases where the certificate request does not contain 
> all the necessary information about the Applicant, the CA SHALL obtain the 
> remaining information from the Applicant or, having obtained it from a 
> reliable, independent, third‐party data source, confirm it with the 
> Applicant. The CA SHALL establish and follow a documented procedure for 
> verifying all data requested for inclusion in the Certificate by the 
> Applicant.
>  
> Applicant information MUST include, but not be limited to, at least one 
> Fully‐Qualified Domain Name or IP address to be included in the Certificate’s 
> SubjectAltName extension.
>  
> Section 6.3.2 limits the validity period of Subscriber Certificates. The CA 
> MAY use the documents and data provided in Section 3.2 to verify certificate 
> information, provided that: the CA obtained the data or document from a 
> source specified under Section 3.2 no more than thirty‐nine (39) months prior 
> to issuing the Certificate.
>  
> (1) Prior to March 1, 2018, the CA obtained the data or document from a 
> source specified under Section 3.2 no more than 39 months prior to issuing 
> the Certificate; and
>  
> (2) On or after March 1, 2018, the CA obtained the data or document from a 
> source specified under Section 3.2 no more than 825 days prior to issuing the 
> Certificate. 
>  
> The CA SHALL develop, maintain, and implement documented procedures that 
> identify and require additional verification activity for High Risk 
> Certificate Requests prior to the Certificate’s approval, as reasonably 
> necessary to ensure that such requests are properly verified under these 
> Requirements.
>  
> If a Delegated Third Party fulfills any of the CA’s obligations under this 
> section, the CA SHALL verify that the process used by the Delegated Third 
> Party to identify and further verify High Risk Certificate Requests provides 
> at least the same level of assurance as the CA’s own processes.
>  
>  
> [Ballot amendments shown against BR 4.2.1 as it existed after Ballot 193 was 
> approved]
>  
> BR 4.2.1. Performing Identification and 

[cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions

[realsky(CHT) via Public]

Chunghwa Telecom Co., Ltd. Votes Yes 

Li-Chun

-Original message-

From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Kirk Hall via 
Public
Sent: Wednesday, April 19, 2017 8:03 PM
To: Kirk Hall via Public 
Cc: Kirk Hall 
Subject: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions

Ballot 197 – Effective Date of Ballot 193 Provisions

Recent Ballot 193 reduced the maximum period for certificates and for reuse of 
vetting data for DV and OV certificates from 39 months to 825 days.  The 
effective date for reducing the maximum validity period of certificates was 
specified as March 1, 2018, but no effective date was specified for when the 
reduction of the maximum period for reuse of vetting data becomes effective.

It was the intention of the authors of Ballot 193 that the effective date for 
reducing the maximum period for reuse of vetting data under BR 4.2.1 would also 
be March 1, 2018.  This ballot is intended to clarify that intention.  The 
ballot also makes these changes retroactive to the effective date of Ballot 193 
so there is no gap period.

Ballot 193 is in the Review Period (which will end on April 22, 2017), and has 
not yet taken effect.  Bylaw 2.3 states that Ballots should include a “redline 
or comparison showing the set of changes from the Final Guideline section(s) 
intended to become a Final Maintenance Guideline” and that “[s]uch redline or 
comparison shall be made against the Final Guideline section(s) as they exist 
at the time a ballot is proposed”.

To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 will 
be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
existed before Ballot 193 (which is as BR 4.2.1 exists at this time this ballot 
is proposed), and also (2) a comparison of the changes to BR 4.2.1 as it will 
exist after the Review Period for Ballot 193 is completed (assuming no 
Exclusion Notices are filed).

The following motion has been proposed by Chris Bailey of Entrust Datacard and 
endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to introduce 
new Final Maintenance Guidelines for the "Baseline Requirements Certificate 
Policy for the Issuance and Management of Publicly-Trusted Certificates" 
(Baseline Requirements) and the "Guidelines for the Issuance and Management of 
Extended Validation Certificates" (EV Guidelines).

-- MOTION BEGINS --

Ballot Section 1

BR 4.2.1 is amended to read as follows:

[Ballot amendments shown against BR 4.2.1 as it currently exists without the 
changes adopted in Ballot 193]

BR 4.2.1. Performing Identification and Authentication Functions

The certificate request MAY include all factual information about the Applicant 
to be included in the Certificate, and such additional information as is 
necessary for the CA to obtain from the Applicant in order to comply with these 
Requirements and the CA’s Certificate Policy and/or Certification Practice 
Statement. In cases where the certificate request does not contain all the 
necessary information about the Applicant, the CA SHALL obtain the remaining 
information from the Applicant or, having obtained it from a reliable, 
independent, third‐party data source, confirm it with the Applicant. The CA 
SHALL establish and follow a documented procedure for verifying all data 
requested for inclusion in the Certificate by the Applicant.

Applicant information MUST include, but not be limited to, at least one 
Fully‐Qualified Domain Name or IP address to be included in the Certificate’s 
SubjectAltName extension.

Section 6.3.2 limits the validity period of Subscriber Certificates. The CA MAY 
use the documents and data provided in Section 3.2 to verify certificate 
information, provided that: the CA obtained the data or document from a source 
specified under Section 3.2 no more than thirty‐nine (39) months prior to 
issuing the Certificate.

(1) Prior to March 1, 2018, the CA obtained the data or document from a source 
specified under Section 3.2 no more than 39 months prior to issuing the 
Certificate; and

(2) On or after March 1, 2018, the CA obtained the data or document from a 
source specified under Section 3.2 no more than 825 days prior to issuing the 
Certificate.

The CA SHALL develop, maintain, and implement documented procedures that 
identify and require additional verification activity for High Risk Certificate 
Requests prior to the Certificate’s approval, as reasonably necessary to ensure 
that such requests are properly verified under these Requirements.

If a Delegated Third Party fulfills any of the CA’s obligations under this 
section, the CA SHALL verify that the process used by the Delegated Third Party 
to identify and further verify High Risk Certificate Requests provides at least 
the same level of assurance as the CA’s own processes.


[Ballot amendments shown against BR 4.2.1 as it existed after Ballot 193 was 
approved]

BR 4.2.1. Perfo

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions

[Peter Miškovič via Public]

Disig votes „YES“ .
Regards.
Peter

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via 
Public
Sent: Wednesday, April 19, 2017 8:03 PM
To: Kirk Hall via Public <public@cabforum.org>
Cc: Kirk Hall <kirk.h...@entrustdatacard.com>
Subject: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions

Ballot 197 – Effective Date of Ballot 193 Provisions

Recent Ballot 193 reduced the maximum period for certificates and for reuse of 
vetting data for DV and OV certificates from 39 months to 825 days.  The 
effective date for reducing the maximum validity period of certificates was 
specified as March 1, 2018, but no effective date was specified for when the 
reduction of the maximum period for reuse of vetting data becomes effective.

It was the intention of the authors of Ballot 193 that the effective date for 
reducing the maximum period for reuse of vetting data under BR 4.2.1 would also 
be March 1, 2018.  This ballot is intended to clarify that intention.  The 
ballot also makes these changes retroactive to the effective date of Ballot 193 
so there is no gap period.

Ballot 193 is in the Review Period (which will end on April 22, 2017), and has 
not yet taken effect.  Bylaw 2.3 states that Ballots should include a “redline 
or comparison showing the set of changes from the Final Guideline section(s) 
intended to become a Final Maintenance Guideline” and that “[s]uch redline or 
comparison shall be made against the Final Guideline section(s) as they exist 
at the time a ballot is proposed”.

To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 will 
be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
existed before Ballot 193 (which is as BR 4.2.1 exists at this time this ballot 
is proposed), and also (2) a comparison of the changes to BR 4.2.1 as it will 
exist after the Review Period for Ballot 193 is completed (assuming no 
Exclusion Notices are filed).

The following motion has been proposed by Chris Bailey of Entrust Datacard and 
endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to introduce 
new Final Maintenance Guidelines for the "Baseline Requirements Certificate 
Policy for the Issuance and Management of Publicly-Trusted Certificates" 
(Baseline Requirements) and the "Guidelines for the Issuance and Management of 
Extended Validation Certificates" (EV Guidelines).

-- MOTION BEGINS --

Ballot Section 1

BR 4.2.1 is amended to read as follows:

[Ballot amendments shown against BR 4.2.1 as it currently exists without the 
changes adopted in Ballot 193]

BR 4.2.1. Performing Identification and Authentication Functions

The certificate request MAY include all factual information about the Applicant 
to be included in the Certificate, and such additional information as is 
necessary for the CA to obtain from the Applicant in order to comply with these 
Requirements and the CA’s Certificate Policy and/or Certification Practice 
Statement. In cases where the certificate request does not contain all the 
necessary information about the Applicant, the CA SHALL obtain the remaining 
information from the Applicant or, having obtained it from a reliable, 
independent, third‐party data source, confirm it with the Applicant. The CA 
SHALL establish and follow a documented procedure for verifying all data 
requested for inclusion in the Certificate by the Applicant.

Applicant information MUST include, but not be limited to, at least one 
Fully‐Qualified Domain Name or IP address to be included in the Certificate’s 
SubjectAltName extension.

Section 6.3.2 limits the validity period of Subscriber Certificates. The CA MAY 
use the documents and data provided in Section 3.2 to verify certificate 
information, provided that: the CA obtained the data or document from a source 
specified under Section 3.2 no more than thirty‐nine (39) months prior to 
issuing the Certificate.

(1) Prior to March 1, 2018, the CA obtained the data or document from a source 
specified under Section 3.2 no more than 39 months prior to issuing the 
Certificate; and

(2) On or after March 1, 2018, the CA obtained the data or document from a 
source specified under Section 3.2 no more than 825 days prior to issuing the 
Certificate.

The CA SHALL develop, maintain, and implement documented procedures that 
identify and require additional verification activity for High Risk Certificate 
Requests prior to the Certificate’s approval, as reasonably necessary to ensure 
that such requests are properly verified under these Requirements.

If a Delegated Third Party fulfills any of the CA’s obligations under this 
section, the CA SHALL verify that the process used by the Delegated Third Party 
to identify and further verify High Risk Certificate Requests provides at least 
the same level of assurance as the CA’s own processes.


[Ballot amendments shown against BR 4.2.1 as it existed after Ballot 193 was 
approved]

BR 

Re: [cabfpub] Ballot 197 ? Effective Date of Ballot 193 Provisions (amended April 26)

[Robin Alden via Public]

Comodo votes ‘Yes’ to ballot 197.
Regards
Robin Alden
Comodo

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via
Public
Sent: 26 April 2017 06:45
To: CA/Browser Forum Public Discussion List <public@cabforum.org>
Cc: Kirk Hall <kirk.h...@entrustdatacard.com>
Subject: [cabfpub] Ballot 197 - Effective Date of Ballot 193 Provisions
(amended April 26)

Sorry, I lost version control on Ballot 197 (originally sent to the Public
list on April 19) in my message earlier today - we are still in the
Discussion Period, and so we can clearly make amendments.
To restate my earlier message, based on discussions on the list about the
uncertain status of Ballot 194, the proposer and endorsers for Ballot 197
wish to amend Ballot 197 as shown below and on the attached.  The amendment
is basically to add a Section 3 that says: “"Section 3: The vote on Ballot
194 and the Review Period notice issued for Ballot 194 are hereby declared
null and void and of no effect, and are rescinded.”

Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.

Ballot 197 - Effective Date of Ballot 193 Provisions (amended April 26)

Recent Ballot 193 reduced the maximum period for certificates and for reuse
of vetting data for DV and OV certificates from 39 months to 825 days.  The
effective date for reducing the maximum validity period of certificates was
specified as March 1, 2018, but no effective date was specified for when the
reduction of the maximum period for reuse of vetting data becomes effective.

It was the intention of the authors of Ballot 193 that the effective date
for reducing the maximum period for reuse of vetting data under BR 4.2.1
would also be March 1, 2018.  This ballot is intended to clarify that
intention.  The ballot also makes these changes retroactive to the effective
date of Ballot 193 so there is no gap period.

Ballot 193 is in the Review Period (which will end on April 22, 2017), and
has not yet taken effect.  Bylaw 2.3 states that Ballots should include a
“redline or comparison showing the set of changes from the Final Guideline
section(s) intended to become a Final Maintenance Guideline” and that “[s]
uch redline or comparison shall be made against the Final Guideline
section(s) as they exist at the time a ballot is proposed”.

To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1
will be presented two ways: (1) a comparison of the changes to BR 4.2.1 as
it existed before Ballot 193 (which is as BR 4.2.1 exists at this time this
ballot is proposed), and also (2) a comparison of the changes to BR 4.2.1 as
it will exist after the Review Period for Ballot 193 is completed (assuming
no Exclusion Notices are filed).

The following motion has been proposed by Chris Bailey of Entrust Datacard
and endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to
introduce new Final Maintenance Guidelines for the "Baseline Requirements
Certificate Policy for the Issuance and Management of Publicly-Trusted
Certificates" (Baseline Requirements) and the "Guidelines for the Issuance
and Management of Extended Validation Certificates" (EV Guidelines).

-- MOTION BEGINS --

Ballot Section 1

BR 4.2.1 is amended to read as follows:

[Ballot amendments shown against BR 4.2.1 as it currently exists without the
changes adopted in Ballot 193]

BR 4.2.1. Performing Identification and Authentication Functions

The certificate request MAY include all factual information about the
Applicant to be included in the Certificate, and such additional information
as is necessary for the CA to obtain from the Applicant in order to comply
with these Requirements and the CA’s Certificate Policy and/or
Certification Practice Statement. In cases where the certificate request
does not contain all the necessary information about the Applicant, the CA
SHALL obtain the remaining information from the Applicant or, having
obtained it from a reliable, independent, third‐party data source, confirm
it with the Applicant. The CA SHALL establish and follow a documented
procedure for verifying all data requested for inclusion in the Certificate
by the Applicant.

Applicant information MUST include, but not be limited to, at least one
Fully‐Qualified Domain Name or IP address to be included in the
Certificate’s SubjectAltName extension.

Section 6.3.2 limits the validity period of Subscriber Certificates. The CA
MAY use the documents and data provided in Section 3.2 to verify certificate
information, provided that: the CA obtained the data or document from a
source specified under Section 3.2 no more than thirty‐nine (39) months
prior to issuing the Certificate.

(1) Prior to March 1, 2018, the CA obtained the data or document from a
source specified under Section 3.2 no more than 39 months prior to issuing
the Certificate; and

(2) On or after March 1, 2018, the CA obtained the data or document from a
source specified under Section 3.2 no more than 825 

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[zhangyq via Public]

GDCA votes “Yes” to ballot 197.


From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via 
Public
Sent: 26. april 2017 07:45
To: CA/Browser Forum Public Discussion List
Cc: Kirk Hall
Subject: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions 
(amended April 26)

Sorry, I lost version control on Ballot 197 (originally sent to the Public list 
on April 19) in my message earlier today – we are still in the Discussion 
Period, and so we can clearly make amendments.
To restate my earlier message, based on discussions on the list about the 
uncertain status of Ballot 194, the proposer and endorsers for Ballot 197 wish 
to amend Ballot 197 as shown below and on the attached. The amendment is 
basically to add a Section 3 that says: “"Section 3: The vote on Ballot 194 and 
the Review Period notice issued for Ballot 194 are hereby declared null and 
void and of no effect, and are rescinded.”

Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.

Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

Recent Ballot 193 reduced the maximum period for certificates and for reuse of 
vetting data for DV and OV certificates from 39 months to 825 days. The 
effective date for reducing the maximum validity period of certificates was 
specified as March 1, 2018, but no effective date was specified for when the 
reduction of the maximum period for reuse of vetting data becomes effective.

It was the intention of the authors of Ballot 193 that the effective date for 
reducing the maximum period for reuse of vetting data under BR 4.2.1 would also 
be March 1, 2018. This ballot is intended to clarify that intention. The ballot 
also makes these changes retroactive to the effective date of Ballot 193 so 
there is no gap period.

Ballot 193 is in the Review Period (which will end on April 22, 2017), and has 
not yet taken effect. Bylaw 2.3 states that Ballots should include a “redline 
or comparison showing the set of changes from the Final Guideline section(s) 
intended to become a Final Maintenance Guideline” and that “[s]uch redline or 
comparison shall be made against the Final Guideline section(s) as they exist 
at the time a ballot is proposed”.

To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 will 
be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
existed before Ballot 193 (which is as BR 4.2.1 exists at this time this ballot 
is proposed), and also (2) a comparison of the changes to BR 4.2.1 as it will 
exist after the Review Period for Ballot 193 is completed (assuming no 
Exclusion Notices are filed).

The following motion has been proposed by Chris Bailey of Entrust Datacard and 
endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to introduce 
new Final Maintenance Guidelines for the "Baseline Requirements Certificate 
Policy for the Issuance and Management of Publicly-Trusted Certificates" 
(Baseline Requirements) and the "Guidelines for the Issuance and Management of 
Extended Validation Certificates" (EV Guidelines).

-- MOTION BEGINS --

Ballot Section 1

BR 4.2.1 is amended to read as follows:

[Ballot amendments shown against BR 4.2.1 as it currently exists without the 
changes adopted in Ballot 193]

BR 4.2.1. Performing Identification and Authentication Functions

The certificate request MAY include all factual information about the Applicant 
to be included in the Certificate, and such additional information as is 
necessary for the CA to obtain from the Applicant in order to comply with these 
Requirements and the CA’s Certificate Policy and/or Certification Practice 
Statement. In cases where the certificate request does not contain all the 
necessary information about the Applicant, the CA SHALL obtain the remaining 
information from the Applicant or, having obtained it from a reliable, 
independent, third‐party data source, confirm it with the Applicant. The CA 
SHALL establish and follow a documented procedure for verifying all data 
requested for inclusion in the Certificate by the Applicant.

Applicant information MUST include, but not be limited to, at least one 
Fully‐Qualified Domain Name or IP address to be included in the Certificate’s 
SubjectAltName extension.

Section 6.3.2 limits the validity period of Subscriber Certificates. The CA MAY 
use the documents and data provided in Section 3.2 to verify certificate 
information, provided that: the CA obtained the data or document from a source 
specified under Section 3.2 no more than thirty‐nine (39) months prior to 
issuing the Certificate.

(1) Prior to March 1, 2018, the CA obtained the data or document from a source 
specified under Section 3.2 no more than 39 months prior to issuing the 
Certificate; and

(2) On or after March 1, 2018, the CA obtained the data or document from a 
source specified under Section 3.2 no more than 825 days prior to issuing the 
Certificate.

The C

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[Adriano Santoni via Public]

  
  
Actalis "abstain".





  
  
  
  
  
  



  From: Public
  <public-boun...@cabforum.org> on behalf of Kirk Hall
  via Public <public@cabforum.org>
  Reply-To: CA/Browser Forum Public Discussion List
  <public@cabforum.org>
  Date: Tuesday, April 25, 2017 at 10:45 PM
  To: CA/Browser Forum Public Discussion List
  <public@cabforum.org>
  Cc: Kirk Hall
  <kirk.h...@entrustdatacard.com>
      Subject: [cabfpub] Ballot 197 – Effective Date of
  Ballot 193 Provisions (amended April 26)


   

Sorry,
I lost version control on Ballot 197 (originally sent to the
Public list on April 19) in my message earlier today – we
are still in the Discussion Period, and so we can clearly
make amendments.
To
restate my earlier message,
  based on discussions on the list about the uncertain
  status of Ballot 194, the proposer and endorsers for Ballot
  197 wish to amend Ballot 197 as shown below and on the
  attached.  The amendment is basically to add a Section 3 that
  says: “"Section 3: The vote on
Ballot 194 and the Review Period notice issued for Ballot
194 are hereby declared null and void and of no effect, and
are rescinded.” 
  
 
Voting
on this amended ballot will begin tomorrow, April 26, at
22:00 UTC.
 

  Ballot 197 – Effective Date
  of Ballot 193 Provisions (amended April 26)

   

  Recent Ballot 193 reduced the
maximum period for certificates and for reuse of vetting
data for DV and OV certificates from 39 months to 825 days. 
The effective date for reducing the maximum validity period
of certificates was specified as March 1, 2018, but no
effective date was specified for when the reduction of the
maximum period for reuse of vetting data becomes effective.

   

  It was the intention of the
authors of Ballot 193 that the effective date for reducing
the maximum period for reuse of vetting data under BR 4.2.1
would also be March 1, 2018.  This ballot is intended to
clarify that intention.  The ballot also makes these changes
retroactive to the effective date of Ballot 193 so there is
no gap period.

   
Ballot 193 is in the Review Period
(which will end on April 22, 2017), and has not yet taken
effect.  Bylaw 2.3 states that Ballots should include a
“redline or comparison showing the set of changes from the
Final Guideline section(s) intended to become a Final
Maintenance Guideline” and that “[s]uch redline or
comparison shall be made against the Final Guideline
section(s) as they exist at the time a ballot is proposed”.
 

  To avoid confusion, this
Ballot will show the proposed changes to BR 4.2.1 will be
presented two ways: (1) a comparison of the changes to BR
4.2.1 as it existed before Ballot 193 (which is as BR 4.2.1
exists at this time this ballot is proposed), and also (2) a
comparison of the changes to BR 4.2.1 as it will exist after
the Review Period for Ballot 193 is completed (assuming no
Exclusion Notices are filed).

   

  The following motion has been
proposed by Chris Bailey of Entrust Datacard and endorsed by
Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to
introduce new Final Maintenance Guidelines for the "Baseline
Requirements Certificate Policy for the Issuance and
Management of Publicly-Trusted Certificates" (Baseline
Requirements) and the "Guidelines for the Issuance and
Management of Extended Validation Certificates" (EV
Guidelines).

   

  -- MOTION BEGINS -- 

   

  Ballot Section 1

   

  BR 4.2.1 is amended to read as
follows:

   

  [Ballot amendments shown
  against BR 4.2.1 as it currently exists without the
changes adopted in Ballot 193]

   
BR 4.2.1. Performing
  Identification and Authentication Functions
 
The certificate request MAY
include all f

[cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[Arno Fiedler via Public]

Ballot 197  D-TRUST votes: "Yes"

Best regards
Arno
On 4/26/2017 8:45 AM, Kirk Hall via Public wrote:


*Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)*

**

Recent Ballot 193 reduced the maximum period for certificates and for 
reuse of vetting data for DV and OV certificates from 39 months to 
825 days.  The effective date for reducing the maximum validity 
period of certificates was specified as March 1, 2018, but no 
effective date was specified for when the reduction of the maximum 
period for reuse of vetting data becomes effective.


It was the intention of the authors of Ballot 193 that the effective 
date for reducing the maximum period for reuse of vetting data under 
BR 4.2.1 would also be March 1, 2018.  This ballot is intended to 
clarify that intention. The ballot also makes these changes 
retroactive to the effective date of Ballot 193 so there is no gap 
period.


Ballot 193 is in the Review Period (which will end on April 22, 
2017), and has not yet taken effect.  Bylaw 2.3 states that Ballots 
should include a “redline or comparison showing the set of changes 
from the Final Guideline section(s) intended to become a Final 
Maintenance Guideline” and that “[s]uch redline or comparison shall 
be made against the Final Guideline section(s) as they exist at the 
time a ballot is proposed”.


To avoid confusion, this Ballot will show the proposed changes to BR 
4.2.1 will be presented two ways: (1) a comparison of the changes to 
BR 4.2.1 as it existed before Ballot 193 (which is as BR 4.2.1 exists 
at this time this ballot is proposed), and also (2) a comparison of 
the changes to BR 4.2.1 as it will exist after the Review Period for 
Ballot 193 is completed (assuming no Exclusion Notices are filed).


The following motion has been proposed by Chris Bailey of Entrust 
Datacard and endorsed by Ben Wilson of DigiCert, and Wayne Thayer of 
GoDaddy to introduce new Final Maintenance Guidelines for the 
"Baseline Requirements Certificate Policy for the Issuance and 
Management of Publicly-Trusted Certificates" (Baseline Requirements) 
and the "Guidelines for the Issuance and Management of Extended 
Validation Certificates" (EV Guidelines).


-- MOTION BEGINS --

*_Ballot Section 1_*

*__*

BR 4.2.1 is amended to read as follows:

/[Ballot amendments shown against BR 4.2.1 _as it currently exists 
without the changes adopted in Ballot 193_]/


*BR 4.2.1. Performing Identification and Authentication Functions*

The certificate request MAY include all factual information about the 
Applicant to be included in the Certificate, and such additional 
information as is necessary for the CA to obtain from the Applicant 
in order to comply with these Requirements and the CA’s Certificate 
Policy and/or Certification Practice Statement. In cases where the 
certificate request does not contain all the necessary information 
about the Applicant, the CA SHALL obtain the remaining information 
from the Applicant or, having obtained it from a reliable, 
independent, third‐party data source, confirm it with the Applicant. 
The CA SHALL establish and follow a documented procedure for 
verifying all data requested for inclusion in the Certificate by the 
Applicant.


Applicant information MUST include, but not be limited to, at least 
one Fully‐Qualified Domain Name or IP address to be included in the 
Certificate’s SubjectAltName extension.


Section 6.3.2 limits the validity period of Subscriber Certificates. 
The CA MAY use the documents and data provided in Section 3.2 to 
verify certificate information, provided that*_:_* /the CA obtained 
the data or document from a source specified under Section 3.2 no 
more than thirty//‐//nine (39) months prior to issuing the Certificate./


*_(1) Prior to March 1, 2018, the CA obtained the data or document 
from a source specified under Section 3.2 no more than 39 months 
prior to issuing the Certificate; and_*


*_(2) On or after March 1, 2018, the CA obtained the data or document 
from a source specified under Section 3.2 no more than 825 days prior 
to issuing the Certificate. _*


*__*

The CA SHALL develop, maintain, and implement documented procedures 
that identify and require additional verification activity for High 
Risk Certificate Requests prior to the Certificate’s approval, as 
reasonably necessary to ensure that such requests are properly 
verified under these Requirements.


If a Delegated Third Party fulfills any of the CA’s obligations under 
this section, the CA SHALL verify that the process used by the 
Delegated Third Party to identify and further verify High Risk 
Certificate Requests provides at least the same level of assurance as 
the CA’s own processes.


/[Ballot amendments shown against BR 4.2.1 _as it existed after 
Ballot 193 was approved_]/


*BR 4.2.1. Performing Identification and Authentication Functions*

The certificate request MAY include all factual information about the 
Applicant to be included in the 

[cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[Patrick Tronnier via Public]

OATI votes YES to Ballot 197 as listed below.


Thanks

With kind regards,

Patrick Tronnier
Principal Security Architect &
Sr. Director of Quality Assurance & Customer Support
Phone: 763.201.2000 Fax: 763.201.5333
Direct Line: 763.201.2052
Open Access Technology International, Inc.
3660 Technology Drive NE, Minneapolis, MN 55418

CONFIDENTIAL INFORMATION: This email and any attachment(s) contain confidential 
and/or proprietary information of Open Access Technology International, Inc. Do 
not copy or distribute without the prior written consent of OATI. If you are 
not a named recipient to the message, please notify the sender immediately and 
do not retain the message in any form, printed or electronic.


From: Public <public-boun...@cabforum.org<mailto:public-boun...@cabforum.org>> 
on behalf of Kirk Hall via Public 
<public@cabforum.org<mailto:public@cabforum.org>>
Reply-To: CA/Browser Forum Public Discussion List 
<public@cabforum.org<mailto:public@cabforum.org>>
Date: Tuesday, April 25, 2017 at 10:45 PM
To: CA/Browser Forum Public Discussion List 
<public@cabforum.org<mailto:public@cabforum.org>>
Cc: Kirk Hall 
<kirk.h...@entrustdatacard.com<mailto:kirk.h...@entrustdatacard.com>>
Subject: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions 
(amended April 26)

Sorry, I lost version control on Ballot 197 (originally sent to the Public list 
on April 19) in my message earlier today – we are still in the Discussion 
Period, and so we can clearly make amendments.

To restate my earlier message, based on discussions on the list about the 
uncertain status of Ballot 194, the proposer and endorsers for Ballot 197 wish 
to amend Ballot 197 as shown below and on the attached.  The amendment is 
basically to add a Section 3 that says: “"Section 3: The vote on Ballot 194 and 
the Review Period notice issued for Ballot 194 are hereby declared null and 
void and of no effect, and are rescinded.”


Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.

Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

Recent Ballot 193 reduced the maximum period for certificates and for reuse of 
vetting data for DV and OV certificates from 39 months to 825 days.  The 
effective date for reducing the maximum validity period of certificates was 
specified as March 1, 2018, but no effective date was specified for when the 
reduction of the maximum period for reuse of vetting data becomes effective.

It was the intention of the authors of Ballot 193 that the effective date for 
reducing the maximum period for reuse of vetting data under BR 4.2.1 would also 
be March 1, 2018.  This ballot is intended to clarify that intention.  The 
ballot also makes these changes retroactive to the effective date of Ballot 193 
so there is no gap period.

Ballot 193 is in the Review Period (which will end on April 22, 2017), and has 
not yet taken effect.  Bylaw 2.3 states that Ballots should include a “redline 
or comparison showing the set of changes from the Final Guideline section(s) 
intended to become a Final Maintenance Guideline” and that “[s]uch redline or 
comparison shall be made against the Final Guideline section(s) as they exist 
at the time a ballot is proposed”.

To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 will 
be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
existed before Ballot 193 (which is as BR 4.2.1 exists at this time this ballot 
is proposed), and also (2) a comparison of the changes to BR 4.2.1 as it will 
exist after the Review Period for Ballot 193 is completed (assuming no 
Exclusion Notices are filed).

The following motion has been proposed by Chris Bailey of Entrust Datacard and 
endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to introduce 
new Final Maintenance Guidelines for the "Baseline Requirements Certificate 
Policy for the Issuance and Management of Publicly-Trusted Certificates" 
(Baseline Requirements) and the "Guidelines for the Issuance and Management of 
Extended Validation Certificates" (EV Guidelines).

-- MOTION BEGINS --

Ballot Section 1

BR 4.2.1 is amended to read as follows:

[Ballot amendments shown against BR 4.2.1 as it currently exists without the 
changes adopted in Ballot 193]

BR 4.2.1. Performing Identification and Authentication Functions

The certificate request MAY include all factual information about the Applicant 
to be included in the Certificate, and such additional information as is 
necessary for the CA to obtain from the Applicant in order to comply with these 
Requirements and the CA’s Certificate Policy and/or Certification Practice 
Statement. In cases where the certificate request does not contain all the 
necessary information about the Applicant, the CA SHALL obtain the remaining 
information from the Applicant or, having obtained it from a reliable, 

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[Jody Cloutier via Public]

Microsoft votes yes.

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Stephen Davidson 
via Public
Sent: Friday, April 28, 2017 12:25 PM
To: CA/Browser Forum Public Discussion List <public@cabforum.org>
Cc: Stephen Davidson <s.david...@quovadisglobal.com>
Subject: Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions 
(amended April 26)

QuoVadis votes yes,
Regards, Stephen


From: Public <public-boun...@cabforum.org<mailto:public-boun...@cabforum.org>> 
on behalf of Kirk Hall via Public 
<public@cabforum.org<mailto:public@cabforum.org>>
Reply-To: CA/Browser Forum Public Discussion List 
<public@cabforum.org<mailto:public@cabforum.org>>
Date: Tuesday, April 25, 2017 at 10:45 PM
To: CA/Browser Forum Public Discussion List 
<public@cabforum.org<mailto:public@cabforum.org>>
Cc: Kirk Hall 
<kirk.h...@entrustdatacard.com<mailto:kirk.h...@entrustdatacard.com>>
Subject: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions 
(amended April 26)

Sorry, I lost version control on Ballot 197 (originally sent to the Public list 
on April 19) in my message earlier today – we are still in the Discussion 
Period, and so we can clearly make amendments.

To restate my earlier message, based on discussions on the list about the 
uncertain status of Ballot 194, the proposer and endorsers for Ballot 197 wish 
to amend Ballot 197 as shown below and on the attached.  The amendment is 
basically to add a Section 3 that says: “"Section 3: The vote on Ballot 194 and 
the Review Period notice issued for Ballot 194 are hereby declared null and 
void and of no effect, and are rescinded.”


Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.

Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

Recent Ballot 193 reduced the maximum period for certificates and for reuse of 
vetting data for DV and OV certificates from 39 months to 825 days.  The 
effective date for reducing the maximum validity period of certificates was 
specified as March 1, 2018, but no effective date was specified for when the 
reduction of the maximum period for reuse of vetting data becomes effective.

It was the intention of the authors of Ballot 193 that the effective date for 
reducing the maximum period for reuse of vetting data under BR 4.2.1 would also 
be March 1, 2018.  This ballot is intended to clarify that intention.  The 
ballot also makes these changes retroactive to the effective date of Ballot 193 
so there is no gap period.

Ballot 193 is in the Review Period (which will end on April 22, 2017), and has 
not yet taken effect.  Bylaw 2.3 states that Ballots should include a “redline 
or comparison showing the set of changes from the Final Guideline section(s) 
intended to become a Final Maintenance Guideline” and that “[s]uch redline or 
comparison shall be made against the Final Guideline section(s) as they exist 
at the time a ballot is proposed”.

To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 will 
be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
existed before Ballot 193 (which is as BR 4.2.1 exists at this time this ballot 
is proposed), and also (2) a comparison of the changes to BR 4.2.1 as it will 
exist after the Review Period for Ballot 193 is completed (assuming no 
Exclusion Notices are filed).

The following motion has been proposed by Chris Bailey of Entrust Datacard and 
endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to introduce 
new Final Maintenance Guidelines for the "Baseline Requirements Certificate 
Policy for the Issuance and Management of Publicly-Trusted Certificates" 
(Baseline Requirements) and the "Guidelines for the Issuance and Management of 
Extended Validation Certificates" (EV Guidelines).

-- MOTION BEGINS --

Ballot Section 1

BR 4.2.1 is amended to read as follows:

[Ballot amendments shown against BR 4.2.1 as it currently exists without the 
changes adopted in Ballot 193]

BR 4.2.1. Performing Identification and Authentication Functions

The certificate request MAY include all factual information about the Applicant 
to be included in the Certificate, and such additional information as is 
necessary for the CA to obtain from the Applicant in order to comply with these 
Requirements and the CA’s Certificate Policy and/or Certification Practice 
Statement. In cases where the certificate request does not contain all the 
necessary information about the Applicant, the CA SHALL obtain the remaining 
information from the Applicant or, having obtained it from a reliable, 
independent, third‐party data source, confirm it with the Applicant. The CA 
SHALL establish and follow a documented procedure for verifying all data 
requested for inclusion in the Certificate by the Applicant.

Applicant information MUST include, but not be limited to, at least one 
Fully‐Qualified Domain

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[Moudrick M. Dadashov via Public]

SSC votes: "Yes".

Thanks,
M.D.

On 4/26/2017 8:45 AM, Kirk Hall via Public wrote:


Sorry, I lost version control on Ballot 197 (originally sent to the 
Public list on April 19) in my message earlier today – we are still in 
the Discussion Period, and so we can clearly make amendments.


To restate my earlier message, based on discussions on the list about 
the uncertain status of Ballot 194, the proposer and endorsers for 
Ballot 197 wish to amend Ballot 197 as shown below and on the 
attached.  The amendment is basically to add a Section 3 that says: 
“"Section 3: The vote on Ballot 194 and the Review Period notice 
issued for Ballot 194 are hereby declared null and void and of no 
effect, and are rescinded.”


Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.

*Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)*

**

Recent Ballot 193 reduced the maximum period for certificates and for 
reuse of vetting data for DV and OV certificates from 39 months to 825 
days.  The effective date for reducing the maximum validity period of 
certificates was specified as March 1, 2018, but no effective date was 
specified for when the reduction of the maximum period for reuse of 
vetting data becomes effective.


It was the intention of the authors of Ballot 193 that the effective 
date for reducing the maximum period for reuse of vetting data under 
BR 4.2.1 would also be March 1, 2018. This ballot is intended to 
clarify that intention.  The ballot also makes these changes 
retroactive to the effective date of Ballot 193 so there is no gap period.


Ballot 193 is in the Review Period (which will end on April 22, 2017), 
and has not yet taken effect.  Bylaw 2.3 states that Ballots should 
include a “redline or comparison showing the set of changes from the 
Final Guideline section(s) intended to become a Final Maintenance 
Guideline” and that “[s]uch redline or comparison shall be made 
against the Final Guideline section(s) as they exist at the time a 
ballot is proposed”.


To avoid confusion, this Ballot will show the proposed changes to BR 
4.2.1 will be presented two ways: (1) a comparison of the changes to 
BR 4.2.1 as it existed before Ballot 193 (which is as BR 4.2.1 exists 
at this time this ballot is proposed), and also (2) a comparison of 
the changes to BR 4.2.1 as it will exist after the Review Period for 
Ballot 193 is completed (assuming no Exclusion Notices are filed).


The following motion has been proposed by Chris Bailey of Entrust 
Datacard and endorsed by Ben Wilson of DigiCert, and Wayne Thayer of 
GoDaddy to introduce new Final Maintenance Guidelines for the 
"Baseline Requirements Certificate Policy for the Issuance and 
Management of Publicly-Trusted Certificates" (Baseline Requirements) 
and the "Guidelines for the Issuance and Management of Extended 
Validation Certificates" (EV Guidelines).


-- MOTION BEGINS --

*_Ballot Section 1_*

*__*

BR 4.2.1 is amended to read as follows:

/[Ballot amendments shown against BR 4.2.1 _as it currently exists 
without the changes adopted in Ballot 193_]/


*BR 4.2.1. Performing Identification and Authentication Functions*

The certificate request MAY include all factual information about the 
Applicant to be included in the Certificate, and such additional 
information as is necessary for the CA to obtain from the Applicant in 
order to comply with these Requirements and the CA’s Certificate 
Policy and/or Certification Practice Statement. In cases where the 
certificate request does not contain all the necessary information 
about the Applicant, the CA SHALL obtain the remaining information 
from the Applicant or, having obtained it from a reliable, 
independent, third‐party data source, confirm it with the Applicant. 
The CA SHALL establish and follow a documented procedure for verifying 
all data requested for inclusion in the Certificate by the Applicant.


Applicant information MUST include, but not be limited to, at least 
one Fully‐Qualified Domain Name or IP address to be included in the 
Certificate’s SubjectAltName extension.


Section 6.3.2 limits the validity period of Subscriber Certificates. 
The CA MAY use the documents and data provided in Section 3.2 to 
verify certificate information, provided that*_:_* /the CA obtained 
the data or document from a source specified under Section 3.2 no more 
than thirty//‐//nine (39) months prior to issuing the Certificate./


*_(1) Prior to March 1, 2018, the CA obtained the data or document 
from a source specified under Section 3.2 no more than 39 months prior 
to issuing the Certificate; and_*


*_(2) On or after March 1, 2018, the CA obtained the data or document 
from a source specified under Section 3.2 no more than 825 days prior 
to issuing the Certificate. _*


*__*

The CA SHALL develop, maintain, and implement documented procedures 
that identify and require additional verification activity for High 
Risk Certificate Requests prior to the 

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[Ben Wilson via Public]

DigiCert votes “yes”





From: Public <public-boun...@cabforum.org<mailto:public-boun...@cabforum.org>> 
on behalf of Kirk Hall via Public 
<public@cabforum.org<mailto:public@cabforum.org>>
Reply-To: CA/Browser Forum Public Discussion List 
<public@cabforum.org<mailto:public@cabforum.org>>
Date: Tuesday, April 25, 2017 at 10:45 PM
To: CA/Browser Forum Public Discussion List 
<public@cabforum.org<mailto:public@cabforum.org>>
Cc: Kirk Hall 
<kirk.h...@entrustdatacard.com<mailto:kirk.h...@entrustdatacard.com>>
Subject: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions 
(amended April 26)



Sorry, I lost version control on Ballot 197 (originally sent to the Public list 
on April 19) in my message earlier today – we are still in the Discussion 
Period, and so we can clearly make amendments.

To restate my earlier message, based on discussions on the list about the 
uncertain status of Ballot 194, the proposer and endorsers for Ballot 197 wish 
to amend Ballot 197 as shown below and on the attached.  The amendment is 
basically to add a Section 3 that says: “"Section 3: The vote on Ballot 194 and 
the Review Period notice issued for Ballot 194 are hereby declared null and 
void and of no effect, and are rescinded.”



Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.



Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)



Recent Ballot 193 reduced the maximum period for certificates and for reuse of 
vetting data for DV and OV certificates from 39 months to 825 days.  The 
effective date for reducing the maximum validity period of certificates was 
specified as March 1, 2018, but no effective date was specified for when the 
reduction of the maximum period for reuse of vetting data becomes effective.



It was the intention of the authors of Ballot 193 that the effective date for 
reducing the maximum period for reuse of vetting data under BR 4.2.1 would also 
be March 1, 2018.  This ballot is intended to clarify that intention.  The 
ballot also makes these changes retroactive to the effective date of Ballot 193 
so there is no gap period.



Ballot 193 is in the Review Period (which will end on April 22, 2017), and has 
not yet taken effect.  Bylaw 2.3 states that Ballots should include a “redline 
or comparison showing the set of changes from the Final Guideline section(s) 
intended to become a Final Maintenance Guideline” and that “[s]uch redline or 
comparison shall be made against the Final Guideline section(s) as they exist 
at the time a ballot is proposed”.



To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 will 
be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
existed before Ballot 193 (which is as BR 4.2.1 exists at this time this ballot 
is proposed), and also (2) a comparison of the changes to BR 4.2.1 as it will 
exist after the Review Period for Ballot 193 is completed (assuming no 
Exclusion Notices are filed).



The following motion has been proposed by Chris Bailey of Entrust Datacard and 
endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to introduce 
new Final Maintenance Guidelines for the "Baseline Requirements Certificate 
Policy for the Issuance and Management of Publicly-Trusted Certificates" 
(Baseline Requirements) and the "Guidelines for the Issuance and Management of 
Extended Validation Certificates" (EV Guidelines).



-- MOTION BEGINS --



Ballot Section 1



BR 4.2.1 is amended to read as follows:



[Ballot amendments shown against BR 4.2.1 as it currently exists without the 
changes adopted in Ballot 193]



BR 4.2.1. Performing Identification and Authentication Functions



The certificate request MAY include all factual information about the Applicant 
to be included in the Certificate, and such additional information as is 
necessary for the CA to obtain from the Applicant in order to comply with these 
Requirements and the CA’s Certificate Policy and/or Certification Practice 
Statement. In cases where the certificate request does not contain all the 
necessary information about the Applicant, the CA SHALL obtain the remaining 
information from the Applicant or, having obtained it from a reliable, 
independent, third‐party data source, confirm it with the Applicant. The CA 
SHALL establish and follow a documented procedure for verifying all data 
requested for inclusion in the Certificate by the Applicant.



Applicant information MUST include, but not be limited to, at least one 
Fully‐Qualified Domain Name or IP address to be included in the Certificate’s 
SubjectAltName extension.



Section 6.3.2 limits the validity period of Subscriber Certificates. The CA MAY 
use the documents and data provided in Section 3.2 to verify certificate 
information, provided that: the CA obtained the data or document from a source 
specified under Section 3.2 no more than thi

Re: [cabfpub] Ballot 197 ? Effective Date of Ballot 193 Provisions (amended April 26)

[N. Atilla Biler via Public]

TURKTRUST votes “YES”.



From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via
Public
Sent: 26. april 2017 07:45
To: CA/Browser Forum Public Discussion List
Cc: Kirk Hall
Subject: [cabfpub] Ballot 197 - Effective Date of Ballot 193 Provisions
(amended April 26)



Sorry, I lost version control on Ballot 197 (originally sent to the Public
list on April 19) in my message earlier today - we are still in the
Discussion Period, and so we can clearly make amendments.

To restate my earlier message, based on discussions on the list about the
uncertain status of Ballot 194, the proposer and endorsers for Ballot 197
wish to amend Ballot 197 as shown below and on the attached.  The amendment
is basically to add a Section 3 that says: “"Section 3: The vote on Ballot
194 and the Review Period notice issued for Ballot 194 are hereby declared
null and void and of no effect, and are rescinded.”



Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.



Ballot 197 - Effective Date of Ballot 193 Provisions (amended April 26)



Recent Ballot 193 reduced the maximum period for certificates and for reuse
of vetting data for DV and OV certificates from 39 months to 825 days.  The
effective date for reducing the maximum validity period of certificates was
specified as March 1, 2018, but no effective date was specified for when the
reduction of the maximum period for reuse of vetting data becomes effective.



It was the intention of the authors of Ballot 193 that the effective date
for reducing the maximum period for reuse of vetting data under BR 4.2.1
would also be March 1, 2018.  This ballot is intended to clarify that
intention.  The ballot also makes these changes retroactive to the effective
date of Ballot 193 so there is no gap period.



Ballot 193 is in the Review Period (which will end on April 22, 2017), and
has not yet taken effect.  Bylaw 2.3 states that Ballots should include a
“redline or comparison showing the set of changes from the Final Guideline
section(s) intended to become a Final Maintenance Guideline” and that “[s]
uch redline or comparison shall be made against the Final Guideline
section(s) as they exist at the time a ballot is proposed”.



To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1
will be presented two ways: (1) a comparison of the changes to BR 4.2.1 as
it existed before Ballot 193 (which is as BR 4.2.1 exists at this time this
ballot is proposed), and also (2) a comparison of the changes to BR 4.2.1 as
it will exist after the Review Period for Ballot 193 is completed (assuming
no Exclusion Notices are filed).



The following motion has been proposed by Chris Bailey of Entrust Datacard
and endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to
introduce new Final Maintenance Guidelines for the "Baseline Requirements
Certificate Policy for the Issuance and Management of Publicly-Trusted
Certificates" (Baseline Requirements) and the "Guidelines for the Issuance
and Management of Extended Validation Certificates" (EV Guidelines).



-- MOTION BEGINS --



Ballot Section 1



BR 4.2.1 is amended to read as follows:



[Ballot amendments shown against BR 4.2.1 as it currently exists without the
changes adopted in Ballot 193]



BR 4.2.1. Performing Identification and Authentication Functions



The certificate request MAY include all factual information about the
Applicant to be included in the Certificate, and such additional information
as is necessary for the CA to obtain from the Applicant in order to comply
with these Requirements and the CA’s Certificate Policy and/or
Certification Practice Statement. In cases where the certificate request
does not contain all the necessary information about the Applicant, the CA
SHALL obtain the remaining information from the Applicant or, having
obtained it from a reliable, independent, third‐party data source, confirm
it with the Applicant. The CA SHALL establish and follow a documented
procedure for verifying all data requested for inclusion in the Certificate
by the Applicant.



Applicant information MUST include, but not be limited to, at least one
Fully‐Qualified Domain Name or IP address to be included in the
Certificate’s SubjectAltName extension.



Section 6.3.2 limits the validity period of Subscriber Certificates. The CA
MAY use the documents and data provided in Section 3.2 to verify certificate
information, provided that: the CA obtained the data or document from a
source specified under Section 3.2 no more than thirty‐nine (39) months
prior to issuing the Certificate.



(1) Prior to March 1, 2018, the CA obtained the data or document from a
source specified under Section 3.2 no more than 39 months prior to issuing
the Certificate; and



(2) On or after March 1, 2018, the CA obtained the data or document from a
source specified under Section 3.2 no more than 825 days prior to issuing
the Certificate.



The CA SHALL develop

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[Wayne Thayer via Public]

GoDaddy votes Yes.
From: Public <public-boun...@cabforum.org> on behalf of Kirk Hall via Public 
<public@cabforum.org>
Reply-To: CA/Browser Forum Public Discussion List <public@cabforum.org>
Date: Tuesday, April 25, 2017 at 10:45 PM
To: CA/Browser Forum Public Discussion List <public@cabforum.org>
Cc: Kirk Hall <kirk.h...@entrustdatacard.com>
Subject: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions 
(amended April 26)

Sorry, I lost version control on Ballot 197 (originally sent to the Public list 
on April 19) in my message earlier today – we are still in the Discussion 
Period, and so we can clearly make amendments.

To restate my earlier message, based on discussions on the list about the 
uncertain status of Ballot 194, the proposer and endorsers for Ballot 197 wish 
to amend Ballot 197 as shown below and on the attached.  The amendment is 
basically to add a Section 3 that says: “"Section 3: The vote on Ballot 194 and 
the Review Period notice issued for Ballot 194 are hereby declared null and 
void and of no effect, and are rescinded.”


Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.

Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

Recent Ballot 193 reduced the maximum period for certificates and for reuse of 
vetting data for DV and OV certificates from 39 months to 825 days.  The 
effective date for reducing the maximum validity period of certificates was 
specified as March 1, 2018, but no effective date was specified for when the 
reduction of the maximum period for reuse of vetting data becomes effective.

It was the intention of the authors of Ballot 193 that the effective date for 
reducing the maximum period for reuse of vetting data under BR 4.2.1 would also 
be March 1, 2018.  This ballot is intended to clarify that intention.  The 
ballot also makes these changes retroactive to the effective date of Ballot 193 
so there is no gap period.

Ballot 193 is in the Review Period (which will end on April 22, 2017), and has 
not yet taken effect.  Bylaw 2.3 states that Ballots should include a “redline 
or comparison showing the set of changes from the Final Guideline section(s) 
intended to become a Final Maintenance Guideline” and that “[s]uch redline or 
comparison shall be made against the Final Guideline section(s) as they exist 
at the time a ballot is proposed”.

To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 will 
be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
existed before Ballot 193 (which is as BR 4.2.1 exists at this time this ballot 
is proposed), and also (2) a comparison of the changes to BR 4.2.1 as it will 
exist after the Review Period for Ballot 193 is completed (assuming no 
Exclusion Notices are filed).

The following motion has been proposed by Chris Bailey of Entrust Datacard and 
endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to introduce 
new Final Maintenance Guidelines for the "Baseline Requirements Certificate 
Policy for the Issuance and Management of Publicly-Trusted Certificates" 
(Baseline Requirements) and the "Guidelines for the Issuance and Management of 
Extended Validation Certificates" (EV Guidelines).

-- MOTION BEGINS --

Ballot Section 1

BR 4.2.1 is amended to read as follows:

[Ballot amendments shown against BR 4.2.1 as it currently exists without the 
changes adopted in Ballot 193]

BR 4.2.1. Performing Identification and Authentication Functions

The certificate request MAY include all factual information about the Applicant 
to be included in the Certificate, and such additional information as is 
necessary for the CA to obtain from the Applicant in order to comply with these 
Requirements and the CA’s Certificate Policy and/or Certification Practice 
Statement. In cases where the certificate request does not contain all the 
necessary information about the Applicant, the CA SHALL obtain the remaining 
information from the Applicant or, having obtained it from a reliable, 
independent, third‐party data source, confirm it with the Applicant. The CA 
SHALL establish and follow a documented procedure for verifying all data 
requested for inclusion in the Certificate by the Applicant.

Applicant information MUST include, but not be limited to, at least one 
Fully‐Qualified Domain Name or IP address to be included in the Certificate’s 
SubjectAltName extension.

Section 6.3.2 limits the validity period of Subscriber Certificates. The CA MAY 
use the documents and data provided in Section 3.2 to verify certificate 
information, provided that: the CA obtained the data or document from a source 
specified under Section 3.2 no more than thirty‐nine (39) months prior to 
issuing the Certificate.

(1) Prior to March 1, 2018, the CA obtained the data or document from a source 
specified under Section 3.2 no more than 39 months prior to issuing the 
Certificate; and

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

[Gervase Markham via Public]

On 26/04/17 06:45, Kirk Hall via Public wrote:
> Voting on this amended ballot will begin tomorrow, April 26, at 22:00 UTC.

Mozilla votes ABSTAIN. (Matching our vote on ballot 194.)

Gerv

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public