CFCA votes Yes
Zhang Yi
China Financial Certification Authority
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham
via Public
Sent: Monday, June 26, 2017 8:18 AM
To: CABFPub
Subject: [EXTERNAL][cabfpub] Ballot 204: Forbid DTPs from doing
GDCAvotes Yes on ballot 204.
Yongqiang ZHANG
Global Digital Cybersecurity Authority CO., LTD.
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham
via Public
Sent: Monday, June 26, 2017 8:18 AM
To: CABFPub public@cabforum.org
Subject: [EXTERNAL][cabfpub] Ballot
I suppose one challenge I have with "infrequently used" is that it
effectively states that CAs do not believe that OCSP Stapling
should/can be used for all certificates. That is, I think one vision
of the future would be to say all sites support OCSP stapling, and all
(Web PKI) clients request
More of "it would be nice" for OCSP responder certs. Right now, we run all
OCSP through our CA hardware. Yes - your summary is exactly what I was
thinking. We can roll responder certs pretty easily but the signing limit is
often hardware-based. Moving to Level 2 hardware gives us more
I'm not sure - are you suggesting that the BRs (and/or NetSec
guidelines) allow for that? Or is that more a "Would be nice"?
For the incremental improvement of a normative profile, I'd rather
keep the status quo - which I believe already requires the hardware
key protection at Level 3 in Section
> On Jul 10, 2017, at 1:47 PM, Jeremy Rowley via Public
> wrote:
>
> A shorter validity period for responders isn’t painful, but could we have a
> looser interpretation on hardware? What if delegated responder certs were
> stored in FIPS 140-2 Level 2 if they were short
A shorter validity period for responders isn’t painful, but could we have a
looser interpretation on hardware? What if delegated responder certs were
stored in FIPS 140-2 Level 2 if they were short periods?
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via
Entrust votes Yes for ballot 204.
Bruce.
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham
via Public
Sent: Monday, June 26, 2017 8:18 AM
To: CABFPub
Subject: [EXTERNAL][cabfpub] Ballot 204: Forbid DTPs from doing Domain/IP
Ownership
So far we have only 7 votes; I believe quorum is 12 votes.
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public
Comodo votes Yes on Ballot 204
Regards,
Rich Smith
Senior Compliance Manager
Comodo
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham
via Public
Sent: Monday, June 26, 2017 7:18 AM
To: CABFPub
Subject: [cabfpub] Ballot 204: Forbid DTPs
HARICA votes "yes" to ballot 204.
Dimitris.
On 26/6/2017 3:18 μμ, Gervase Markham via Public wrote:
*Ballot 204: Forbid DTPs from doing Domain/IP Ownership Validation
*
*Purpose of Ballot: *At the moment, CAs are permitted to delegate the
process of domain and IP address validation.
11 matches
Mail list logo