eMudhra votes YES to Ballot SC-75 From: Servercert-wg <[email protected]> on behalf of Dimitris Zacharopoulos (HARICA) via Servercert-wg <[email protected]> Date: Wednesday, 19 June 2024 at 4:13 AM To: CA/B Forum Server Certificate WG Public Discussion List <[email protected]> Subject: [Servercert-wg] [Voting Begins] Ballot SC-75 v3 - Pre-sign linting CAUTION: This email is originated from outside of the organization. Do not open the links or the attachments unless you recognize the sender and know the content is safe.
Voting begins for this ballot. SC-75 v3 Pre-sign linting Summary There have been numerous compliance incidents publicly disclosed by CAs in which they failed to comply with the technical requirements described in standards associated with the issuance and management of publicly-trusted TLS Certificates. However, the industry has developed open-source tools, linters, that are free to use and can help CAs avoid certificate misissuance. Using such linters before issuing a precertificate from a Publicly-Trusted CA (pre-issuance linting) can prevent the mis-issuance in a wide variety of cases. The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by Corey Bonnell of Digicert and Ben Wilson of Mozilla. You can view the GitHub pull request representing this ballot here<https://github.com/cabforum/servercert/pull/518>. Motion Begins MODIFY the "Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates" based on Version 2.0.5 as specified in the following redline: * https://github.com/cabforum/servercert/compare/20af1b271f2b689344ae353d3e78dc6b772199db...d809c41bc063109e15d46bfe1b5ad6403d823381 Motion Ends This ballot proposes a Final Maintenance Guideline. The procedure for approval of this ballot is as follows: Discussion (at least 7 days) * Start time: 2024-06-12 06:30:00 UTC * End time: on or after 2024-06-19 06:30:00 UTC Vote for approval (7 days) * Start time: 2024-06-19 10:00:00 UTC * End time: 2024-06-26 10:00:00 UTC Disclaimer: The email and its contents hold confidential information and are intended for the person or entity to which it is addressed. If you are not the intended recipient, please note that any distribution or copying of this email is strictly prohibited as per Company Policy, you are requested to notify the sender and delete the email and associated attachments with it from your system.
_______________________________________________ Servercert-wg mailing list [email protected] https://lists.cabforum.org/mailman/listinfo/servercert-wg
