I see, it was added as a hint for CAs to also assist in improving these open source linting tools like some CAs have done in the past. As part of a SHOULD, it would be helpful to get some CAs involved into building and improving existing lints.
I can remove the parenthesis and add it as a clear SHOULD if this is helpful. Will this work better? Dimitris PS: I will respond to Ryan's post later this week after consulting with the co-sponsors. May 21, 2024 10:31:41 Inigo Barreira <[email protected]>: > Sure, in the last para of section 4.3.1.2, the sentence “… but CAs SHOULD use > (and help improve) the Linting tools …” and I was suggesting removing that > “(and help improve)” because IMO this can´t go in the main > requirement/recommendation and “the help to improve” be seen as another > requirement instead of a suggestion or willing to act which I think is what > you had in mind. > *De:* Dimitris Zacharopoulos <[email protected]> > *Enviado el:* lunes, 20 de mayo de 2024 22:01 > *Para:* Inigo Barreira <[email protected]> > *CC:* CA/B Forum Server Certificate WG Public Discussion List > <[email protected]> > *Asunto:* Re: [Servercert-wg] Ballot SC-75 - Pre-sign linting > CAUTION: This email originated from outside of the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. > Hello Inigo, > > Can you be more specific? Which part of the ballot redline seems to need an > update/removal? > > > Thanks, > > DZ. > > May 20, 2024 21:03:50 Inigo Barreira <[email protected]>: > > Hi Dimitris, > I don´t know if the “(help to improve)” is adding any additional hidden > requirement. IMO, I´d remove that. > Regards > *De:* Servercert-wg <[email protected]> *En nombre de > *Dimitris Zacharopoulos (HARICA) via Servercert-wg > *Enviado el:* lunes, 20 de mayo de 2024 19:57 > *Para:* CA/B Forum Server Certificate WG Public Discussion List > <[email protected]> > *Asunto:* [Servercert-wg] Ballot SC-75 - Pre-sign linting > CAUTION: This email originated from outside of the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. > > **SC-75 Pre-sign linting** > > **Summary** > > There have been numerous compliance incidents publicly disclosed by CAs in > which they failed to comply with the technical requirements described in > standards associated with the issuance and management of publicly-trusted TLS > Certificates. However, the industry has developed open-source tools, linters, > that are free to use and can help CAs avoid certificate misissuance. Using > such linters before issuing a precertificate from a Publicly-Trusted CA > (pre-issuance linting) can prevent the mis-issuance in a wide variety of > cases. > > The following motion has been proposed by Dimitris Zacharopoulos of HARICA > and endorsed by Corey Bonnell of Digicert and Ben Wilson of Mozilla. > > You can view the GitHub pull request representing this ballot > here[https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fservercert%2Fpull%2F518&data=05%7C02%7CInigo.Barreira%40sectigo.com%7C6f327905edc541f7c3fd08dc79078854%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638518320528526443%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=K%2Fj0547gXHAx%2BIIdsH7NYx0qS8GhfFW5j76EVHHFr4Q%3D&reserved=0]. > > > > **Motion Begins** > > MODIFY the "Baseline Requirements for the Issuance and Management of > Publicly-Trusted TLS Server Certificates" based on Version 2.0.4 as specified > in the following redline: > > * > https://github.com/cabforum/servercert/compare/049237e096650fe01f67780b7c24bd5211ee3038...ada5d6e0db76b32be28d64edd7b0677bbef9c2f5[https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fservercert%2Fcompare%2F049237e096650fe01f67780b7c24bd5211ee3038...ada5d6e0db76b32be28d64edd7b0677bbef9c2f5&data=05%7C02%7CInigo.Barreira%40sectigo.com%7C6f327905edc541f7c3fd08dc79078854%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638518320528547003%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=DWlMpSaUKYyt1aV75S9nSuNk1kAlCn58%2FDl5w%2FGjoEQ%3D&reserved=0] > > > **Motion Ends** > > This ballot proposes a Final Maintenance Guideline. The procedure for > approval of this ballot is as follows: > > > **Discussion (at least 7 days)** > > * Start time: 2024-05-20 18:00:00 UTC > * End time: on or after 2024-05-27 18:00:00 UTC > > **Vote for approval (7 days)** > > * Start time: TBD > * End time: TBD
_______________________________________________ Servercert-wg mailing list [email protected] https://lists.cabforum.org/mailman/listinfo/servercert-wg
