[cabfpub] Results on Ballot 196 - Define "Audit Period"

The voting period for Ballot 196 has ended. Here are the results. Voting by CAs - 19 votes total including abstentions 19 Yes votes: Izenpe, HARICA, Entrust, SwissSign, OATI, DigiCert, TurkTrust, SSC, GDCA, Disig, Comodo, GlobalSign, Chunghwa Telecom, Cisco, SHECA, Trustwave, Buypass,

[cabfpub] Results on Ballot 195 - CAA Fixup

The voting period for Ballot 195 has ended. Here are the results. Voting by CAs - 18 votes total including abstentions 18 Yes votes: Entrust, Izenpe, QuoVadis, OATI, SwissSign, DigiCert, TurkTrust, HARICA, GDCA, Actalis, Disig, GlobalSign, Comodo, SHECA, Cisco, Trustwave, Buypass, Symantec 0

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

On Mon, Apr 17, 2017 at 2:47 PM, Dean Coclin wrote: > “Unless it can be demonstrated that this message was received by all > participants subscribed, and was able to be crawled and index by an > Internet search engine, I do not believe you can argue that the "posting" >

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

I agree. If the date is omitted, the effective date is immediately then it should be right after the review period ends. I don’t see any impact from the change (and 30 v. 60 makes no difference for the particular ballot). My only goal is to clarify the process for future ballots and get

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

There’s a third option, but the results are the same as #1. IMO, the current results fall in a grey area not adequately addressed by the CAB Forum process. Therefore, the results of the ballot are “Indeterminant” (or something similar) as the process required by the bylaws wasn’t followed.

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

“Unless it can be demonstrated that this message was received by all participants subscribed, and was able to be crawled and index by an Internet search engine, I do not believe you can argue that the "posting" requirement has been met. We must look at the entirity of the Bylaws, and choosing

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

Test. AK Aaron E. Kornblum | GPM, Governance, Risk Mgt. & Compliance (GRC) Windows and Devices Group (WDG) Microsoft Corp.|One Microsoft Way|Redmond, WA 98052 Office (425) 705-3210|Fax (425) 936-7329| aaro...@microsoft.com -Original Message- From: Public

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

On Mon, Apr 17, 2017 at 1:17 PM, Jeremy Rowley via Public < public@cabforum.org> wrote: > Why the sigh? I think we should have a bright-line rule about when the > scope/date should be in the proposed ballot vs. when the scope/date must > be in > the document itself. Otherwise, the objection to

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

Why the sigh? I think we should have a bright-line rule about when the scope/date should be in the proposed ballot vs. when the scope/date must be in the document itself. Otherwise, the objection to including a date in the ballot v. BR text seems arbitrary. If I understand correctly, the

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

On Mon, Apr 17, 2017 at 12:43 PM, Dimitris Zacharopoulos wrote: > > I remember this being discussed at the Bilbao meeting and it was also in > the published minutes >

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

Agreed. -Original Message- From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Monday, April 17, 2017 10:45 AM To: CA/Browser Forum Public Discussion List Cc: Gervase Markham Subject: Re: [cabfpub]

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

On 17/04/17 17:33, Wayne Thayer via Public wrote: > That is correct. The public list is configured to “discard” messages > from non-members, meaning that no rejection notice is sent. Regardless of anything else, perhaps we should change that setting to "Reject". Gerv

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

This would appear to be true. I just tried sending from a mail from an unsubscribed account to public@cabforum.org and didn’t get any bounce message nor did the message end up on the list. It appears that the list blackholes messages that are not from subscribers.

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

I remember this being discussed at the Bilbao meeting and it was also in the published minutes . It was a very interesting discussion and the minutes describe

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

Correct – had Gordon been subscribed to the list he could have seen that the message wasn’t delivered, but there’s no way to tell if you’re not subscribed. From: Jeremy Rowley Date: Monday, April 17, 2017 at 9:38 AM To: CA/Browser Forum Public Discussion List

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

So neither Kirk nor Microsoft had any notice that their email didn’t reach the public list? From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Wayne Thayer via Public Sent: Monday, April 17, 2017 10:34 AM To: CA/Browser Forum Public Discussion List Cc:

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

>> Gordon, as the sender of the message, would also be unaware that he did not >> have posting privs to the public list (unless the listserv notified him >> afterwards-Wayne-does our list serv do this?) That is correct. The public list is configured to “discard” messages from non-members,

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

On Mon, Apr 17, 2017 at 11:06 AM, Dean Coclin via Public < public@cabforum.org> wrote: > Speaking as former chair, I would like to offer my observations on this: > > > > 1. I think everyone was unaware and surprised to see that a vote > was counted from Microsoft since it did not appear on

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

On 17/4/2017 6:02 μμ, Ryan Sleevi via Public wrote: On Mon, Apr 17, 2017 at 10:40 AM, Gervase Markham via Public > wrote: On 17/04/17 15:28, Jeremy Rowley wrote: > Doesn't this ballot suffer from the same limitation that Ryan

Re: [cabfpub] BR clarification re: test certificates

On Mon, Apr 17, 2017 at 11:08 AM, Gervase Markham wrote: > On 17/04/17 15:59, Ryan Sleevi wrote: > > It may be useful to state why you believe it's difficult. > > As you have guessed - my surmise was that, particularly with caching, > CDNs, etc., it can be difficult to make

Re: [cabfpub] BR clarification re: test certificates

On 17/04/17 15:59, Ryan Sleevi wrote: > It may be useful to state why you believe it's difficult. As you have guessed - my surmise was that, particularly with caching, CDNs, etc., it can be difficult to make sure that CRLs and OCSP responders are delivering exactly the same information at all

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

Speaking as former chair, I would like to offer my observations on this: 1. I think everyone was unaware and surprised to see that a vote was counted from Microsoft since it did not appear on the public list 2. Kirk, being cc’d on the message, would have no idea that the message

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

On Mon, Apr 17, 2017 at 10:40 AM, Gervase Markham via Public < public@cabforum.org> wrote: > On 17/04/17 15:28, Jeremy Rowley wrote: > > Doesn't this ballot suffer from the same limitation that Ryan raised in > > connection with the domain validation ballot? Namely, that this language > > "For

Re: [cabfpub] BR clarification re: test certificates

On Mon, Apr 17, 2017 at 10:05 AM, Gervase Markham wrote: > On 13/04/17 19:26, Ryan Sleevi via Public wrote: > > 5) CRLs and OCSP responses MUST return the same revocation status > > information (presumably, either in Section 2.1 or Section 4.10.1 / > 4.10.2) > > That sounds

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

On 17/04/17 15:28, Jeremy Rowley wrote: > Doesn't this ballot suffer from the same limitation that Ryan raised in > connection with the domain validation ballot? Namely, that this language > "For the avoidance of doubt, these updated requirements apply only to root > and intermediate certificates

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

Doesn't this ballot suffer from the same limitation that Ryan raised in connection with the domain validation ballot? Namely, that this language "For the avoidance of doubt, these updated requirements apply only to root and intermediate certificates issued after the Effective Date of this ballot,

Re: [cabfpub] Require commonName in Root and Intermediate Certificates ballot draft (2)

On 13/04/17 17:34, Patrick Tronnier wrote: > I will endorse. Thank you. One more? Gerv ___ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] BR clarification re: test certificates

On 13/04/17 19:26, Ryan Sleevi via Public wrote: > 5) CRLs and OCSP responses MUST return the same revocation status > information (presumably, either in Section 2.1 or Section 4.10.1 / 4.10.2) That sounds like a difficult coordination problem to do strictly. Would it need to say "once more than

Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

On 17/04/17 02:16, Eric Mill via Public wrote: > I don't think Microsoft cast its vote correctly. Microsoft is aware of > how the CA/Browser Forum list works, and should have been able to cast a > vote from a subscribed member address before the deadline. I think this > obligation is especially

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

On 17/04/17 06:29, Kirk Hall via Public wrote: > OK, to move this along (and avoid endless back and forth that won’t > resolve anything), I have created a Doodle poll on whether or not > Microsoft’s vote on Ballot 194 should be counted. One vote per member > please, only members to vote. Hi

[cabfpub] Ballot 196: Define "Audit Period"

AC Camerfirma votes YES. Regards Ramiro Muñoz Muñoz AC Camerfirma SA. CTO, Exploitation Manager, CISA. +34 619 746 291 · rami...@camerfirma.com. https://www.linkedin.com/in/ramirom. ¿ Has probado c-Office ? firma de documentos, factura