Re: [cabfpub] Voting Begins: Ballot 220: Minor Cleanups (Spring 2018)

Comodo CA votes YES Rich Smith Senior Compliance Manager ComodoCA.com From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Tim Hollebeek via Public Sent: Friday, March 23, 2018 5:40 AM To: CA/Browser Forum Public Discussion List Subject: [cabfpub] Voting

Re: [cabfpub] Seeking Volunteers!

Tim, I can take methods 2-4. Regards, Rich From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Tim Hollebeek via Public Sent: Tuesday, February 6, 2018 10:45 AM To: CA/Browser Forum Public Discussion List Subject: [cabfpub] Seeking Volunteers! I'm

Re: [cabfpub] Review Notices

I think Ryan and Kirk are both right. Ryan in that for effective review the change must be reviewed and understood as part of the whole, Kirk in that sending out the whole document without redlining the specific changes under review also makes review more difficult. I propose that we change

Re: [cabfpub] Voting begins: Ballot 218 version 2

Comodo CA votes YES on Ballot 218. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Tim Hollebeek via Public Sent: Monday, January 29, 2018 3:52 PM To: CA/Browser Forum Public Discussion List Subject: [cabfpub] Voting begins: Ballot 218 version 2 I'm

Re: [cabfpub] [EXTERNAL] Verification of Domain Contact and Domain Authorization Document

My position is that you can't verify domain ownership because the registrars by and large do absolutely nothing to verify the information input by the registrants. What are you actually verifying? As such technical demonstration of domain control is the best we've got. I liken it to the old

Re: [cabfpub] [EXTERNAL] Verification of Domain Contact and Domain Authorization Document

Mads, I appreciate you trying to save this method, but IMO there is nothing that can be done to strengthen this method enough to protect it against social engineering. Your proposal relies on the assumption that EVERY validation agent of EVERY CA MUST have at least the same level of understanding

Re: [cabfpub] Ballot 218: Remove validation methods #1 and #5

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dimitris Zacharopoulos via Public Sent: Friday, January 5, 2018 5:44 AM --- BEGIN updated language for 3.2.2.4.1 --- Confirming the Applicant's control over the FQDN by validating the Applicant is the Domain Contact directly

Re: [cabfpub] Verification of Domain Contact and Domain Authorization Document

Notwithstanding potential discussions to revamp this method, I stand by removal at this time as it is currently dreadfully insecure and nowhere near equivalent to the other methods. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Doug Beattie via Public Sent: Wednesday,

Re: [cabfpub] Ballot 218: Remove validation methods #1 and #5

I agree with Ryan on this and stand by my endorsement of this ballot to move forward. I’m not opposed to adding 3.2.2.4.1 back in if it can be made much more secure and brought up to equivalent level with the other methods, but I also have my doubts as to whether or not that is possible in the

Re: [cabfpub] Revocation as a domain owner

Matthias, Please send me the details privately so that I can look into this for you. This seems like a mistake on the part of whoever handled your request and probably indicates a shortcoming in training. Regards, Rich Smith Sr. Compliance Manager Comodo From: Public

Re: [cabfpub] Verification of Domain Contact and Domain Authorization Document

Jeremy, I would also happily endorse a ballot removing both these methods. -Rich From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via Public Sent: Tuesday, December 19, 2017 4:03 PM To: Jeremy Rowley ; CA/Browser Forum Public

Re: [cabfpub] Voting has started on Ballot 207 - ASN.1 Jurisdiction in EV Guidelines

Comodo votes YES From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via Public Sent: Monday, October 16, 2017 6:58 PM To: CA/Browser Forum Public Discussion List Subject: [cabfpub] Voting has started on Ballot 207 - ASN.1 Jurisdiction in EV Guidelines

Re: [cabfpub] Assigning ballot numbers - WAS: Ballot 212: Canonicalise formal name of the Baseline Requirements

If as a practice we are assigning ballot numbers to a ballot that does not yet have a proposer and two endorsers we should stop that. It’s not officially a ballot until that happens and throwing a number on a discussion topic, even one which is in the form of a ballot, just causes confusion.

Re: [cabfpub] EV 11.2.1 Private Organization registration number or date

appen in an exception case. On Fri, Sep 1, 2017 at 10:56 AM, Rich Smith via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: To follow up, first, I agree with Ryan that issuance w/out either registration number or registration date is prohibited under current EVG t

Re: [cabfpub] EV 11.2.1 Private Organization registration number or date

To follow up, first, I agree with Ryan that issuance w/out either registration number or registration date is prohibited under current EVG text. I’d like to see us make some change to the Guidelines to address this because I’ve come across several examples over the years where this has been

[cabfpub] EV 11.2.1 Private Organization registration number or date

EVG 11.2.1 (1)(c) states: (C) Registration Number: Obtain the specific Registration Number assigned to the Applicant by the Incorporating or Registration Agency in the Applicant's Jurisdiction of Incorporation or Registration. Where the Incorporating or Registration Agency does not assign a

Re: [cabfpub] [Ext] Ballot 202 - Underscore and Wildcard Characters

[mailto:public-boun...@cabforum.org] On Behalf Of Paul Hoffman via Public Sent: Monday, July 31, 2017 1:20 PM To: CA/Browser Forum Public Discussion List <public@cabforum.org> Subject: Re: [cabfpub] [Ext] Ballot 202 - Underscore and Wildcard Characters On Jul 31, 2017, at 10:45 AM, Rich Smi

Re: [cabfpub] Ballot 202 - Underscore and Wildcard Characters

Hi Peter, Overall, I like your suggestions, but could I ask that in definitions where you refer to outside RFC definitions that you include those outside definitions verbatim so that someone reading the BRs does not have to go scouring through all the various RFCs? For example: Change:

Re: [cabfpub] Random value reuse

Peter, You make good points. How about something along the lines of: The CA SHALL NOT share the random value generated for methods 2 and/or 4 with the Applicant via any other method, but the CA MAY accept that random value for verification under methods 6, 7 and 10. From: Public

Re: [cabfpub] Random value reuse

I think the random value should simply be tied to a particular certificate request and leave the rest up to the CA and the subscriber. More detailed comments inline below. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley via Public Sent: Tuesday, July 25, 2017

Re: [cabfpub] What is 'misuse'?

rect issuance - https://cabforum.org/2016/02/12/ballot-161/ - which similarly touched on a substantial discussion of these two words. On Mon, Jul 17, 2017 at 11:49 AM, Rich Smith via Public <public@cabforum.org> wrote: > The BRs use the term misuse/misused in multiple places in regar

[cabfpub] What is 'misuse'?

The BRs use the term misuse/misused in multiple places in regards to reasons for revocation, and Subscriber representations, but do not define the term. What constitutes misuse of a certificate? Phishing? Fraud? Or is it only compromise of the private key or other action that results in

Re: [cabfpub] Ballot 204: Forbid DTPs from doing Domain/IP Ownership Validation

Comodo votes Yes on Ballot 204 Regards, Rich Smith Senior Compliance Manager Comodo From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Monday, June 26, 2017 7:18 AM To: CABFPub Subject: [cabfpub] Ballot 204: Forbid DTPs

Re: [cabfpub] Voting has started on Ballot 192 - Notary revision

Comodo votes Yes. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via Public Sent: Sunday, June 25, 2017 4:53 PM To: CA/Browser Forum Public Discussion List Subject: [cabfpub] Voting has started on Ballot 192 - Notary revision Voting ends the

Re: [cabfpub] Baseline Requirements "Certificate Policy" for the Issuance and Management of Publicly-Trusted Certificates

Should we put this forth as a ballot? Anyone who might have reason that we should go the other way can bring it up in the discussion period. From: Ryan Sleevi [mailto:sle...@google.com] Sent: Wednesday, June 21, 2017 9:30 AM To: Gervase Markham Cc: Rich Smith

Re: [cabfpub] Baseline Requirements "Certificate Policy" for the Issuance and Management of Publicly-Trusted Certificates

If I’m not mistaken, Gerv is saying, rather than update a bunch of text in other places, how about changing the name back to Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates. Gerv, if that is correct, I second the motion. -Rich From: Public

Re: [cabfpub] [EXTERNAL]Re: CA/Browser Face to Face Meeting 41 Agenda – Berlin

Ryan, I’m not sure I see the point of hearing from those who have had no difficulty with our past timetables. If they had no difficulties, then it seems, for them, our processes and timetables were perfectly acceptable, so what is it that we might learn from them, at least at this stage? I

Re: [cabfpub] CAB Forum Draft Code of Conduct

I’m generally not in favor of things such as this because in my view it shouldn’t need to be stated that one should engage with ones’ fellow humans with respect, dignity and a modicum of decorum. That said, further comments inline below. From: Public [mailto:public-boun...@cabforum.org] On

Re: [cabfpub] Ballot 194 – Effective Date of Ballot 193 Provisions

Comodo votes YES From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Chris Bailey via Public Sent: Sunday, April 2, 2017 3:27 PM To: public@cabforum.org Cc: Chris Bailey Subject: [cabfpub] Ballot 194 – Effective Date of Ballot 193 Provisions

Re: [cabfpub] Ballot 196: Define "Audit Period"

Comodo votes YES From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Monday, April 3, 2017 1:06 PM To: CABFPub Cc: Gervase Markham Subject: [cabfpub] Ballot 196: Define "Audit Period" Ballot 196 - Define

Re: [cabfpub] Ballot 195: CAA Fixup

Comodo votes YES From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Monday, April 3, 2017 12:58 PM To: CABFPub Cc: Gervase Markham Subject: [cabfpub] Ballot 195: CAA Fixup Ballot 195 - CAA Fixup Purpose

Re: [cabfpub] Ballot 189 (revised) - Amend Section 6.1.7 of Baseline Requirements

Comodo votes YES From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dimitris Zacharopoulos via Public Sent: Wednesday, April 5, 2017 2:47 AM To: public@cabforum.org Cc: Dimitris Zacharopoulos Subject: [cabfpub] Ballot 189 (revised) - Amend Section 6.1.7 of

Re: [cabfpub] Naming rules

Would modifying Ben’s proposed wording to this resolve the issue? This field is also optional if the organization is uniquely identifiable by registration in a X.500 directory which has been adopted by the national government in the same jurisdiction as the organization, and which does not

Re: [cabfpub] Naming rules

Ryan, Ben’s wording states that the registry is at the national level, so rather than talking about Jurisdiction A and B, the labels are correctly Country A and Country B, therefore even if every other field in the registries were the same the C field will always be unique to the particular

Re: [cabfpub] Certificate lifetimes: end state or trajectory?

You can make the move to hard fail any time you like. -Original Message- From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Friday, March 10, 2017 6:37 AM To: Kirk Hall ; CA/Browser Forum Public Discussion List

Re: [cabfpub] Voting has started on Ballot 183 – Amending the Bylaws to Clarify the Ballot Approval Process

Comodo votes YES On 1/25/2017 9:27 AM, Kirk Hall via Public wrote: Voting has started on Ballo3 183, and continues through Tuesday, January 31, 2017 at 22:00 UTC. Please vote via the Public list. *B**allot 183 – Amending the Bylaws to Clarify the Ballot Approval Process* *//* The