Hi Inigo,
On Mon, 6 Nov 2023, Inigo Barreira via Servercert-wg wrote:
- Motion Begins -
This ballot modifies the "Baseline Requirements for the Issuance and
Management of Publicly-Trusted Certificates" ("Baseline Requirements"),
based on Version 2.0.1.
MODIFY the Baseline Requirements as specified in the following Pull Request:
Comparing
90a98dc7c1131eaab01af411968aa7330d315b9b...d2ad035a4acb3ee78d7f4713afd0479892bda08d
� cabforum/servercert
(github.com)<https://github.com/cabforum/servercert/compare/90a98dc7c1131eaab01af411968aa7330d315b9b...d2ad035a4acb3ee78d7f4713afd0479892bda08d>
Regarding the change from
Network and Certificate System Security Requirements, Version 1.7,
available at
<https://cabforum.org/wp-content/uploads/CA-Browser-Forum-Network-Security-Guidelines-v1.7.pdf>.
to
Network and Certificate System Security Requirements, available at
<https://cabforum.org/network-security-requirements/>
I wonder, who has authority over
https://cabforum.org/network-security-requirements/, i.e. the ability to
publish new versions there? Is it the NetSec WG?
I seem to remember that, when the NetSec WG was formed, there were
concerns raised related to maintaining the NCSSRs in a WG that not all
members of all WGs that produce documents referencing the NCSSRs are
members of. If I remember correctly, this related both to the IPR
situation as well as the normative content. I seem to remember that the
concensus at the time was that other WGs would incorporate new versions of
the NCSSRs by versioned reference, and that that would alleviate most of
the problems.
Whether I remember this wrong or not, if the effect is that the NetSec WG
gets to make normative changes to the SCWG BRs by reference as a result of
this change, then I don't think it is appropriate to do this as part of a
"Clean-up" Ballot.
Tobi
_______________________________________________
Servercert-wg mailing list
[email protected]
https://lists.cabforum.org/mailman/listinfo/servercert-wg
