Maybe someone could provide an example of how the BR version number would 
appear at the end of each validation method?  For example, would it look like 
this?
[BR 1.5.0]  - with the implication that the method was allowed as of BR v. 
1.5.0 going forward until the current version of the BRs?  If the method were 
changed, would someone need to keep track that the language was XYZ from 
version 1.4.6 through version 1.5.4?
Thanks,
Ben

-----Original Message-----
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via 
Public
Sent: Friday, July 21, 2017 9:08 AM
To: Kirk Hall <kirk.h...@entrustdatacard.com>; CA/Browser Forum Public 
Discussion List <public@cabforum.org>
Subject: Re: [cabfpub] [EXTERNAL]Re: Ballot 190 - Recording BR Version Number

Hi Kirk,

As we saw from the discussions of Ballot 190, the inclusion of additional 
information "for clarity's sake" can have the deleterious side-effect of 
changing both the meaning and interpretation. The clarifications that had 
previously been proposed had notable issues they introduced.

So I don't think we can say there is no harm - and, in general, it means even 
more work to maintain these documents - so I'm hoping we can find a situation 
in which there is a single, well-understood path, rather than attempting to 
restate it several times. Given that these represent technical standards 
documents, and understanding that it takes a degree of professional expertise 
to understand and interpret them (much like any other standards document), it 
doesn't seem entirely unfair to suggest that there may be elements that are 
difficult for the lay-person, provided that they're unambiguous for the 
practitioners.

On Fri, Jul 21, 2017 at 11:02 AM, Kirk Hall via Public <public@cabforum.org> 
wrote:
> Meant for public list -- see my response below.
>
> -----Original Message-----
> From: Ryan Sleevi [mailto:sle...@google.com]
> Sent: Thursday, July 20, 2017 6:09 PM
> To: Kirk Hall <kirk.h...@entrustdatacard.com>
> Subject: Re: [EXTERNAL]Re: [cabfpub] Ballot 190 - Recording BR Version 
> Number
>
> Hi Kirk,
>
> Did you mean to omit the list?
>
> On Thu, Jul 20, 2017 at 9:08 PM, Kirk Hall <kirk.h...@entrustdatacard.com> 
> wrote:
>> The two responses (Gerv's and mine) are not in conflict, and there is no 
>> harm in including the extra information in the BRs.  I'm a big believer in 
>> helping people avoid mistakes when it's easy to do.
>>
>> -----Original Message-----
>> From: Ryan Sleevi [mailto:sle...@google.com]
>> Sent: Thursday, July 20, 2017 6:02 PM
>> To: Kirk Hall <kirk.h...@entrustdatacard.com>; CA/Browser Forum 
>> Public Discussion List <public@cabforum.org>
>> Cc: Wayne Thayer <wtha...@godaddy.com>
>> Subject: [EXTERNAL]Re: [cabfpub] Ballot 190 - Recording BR Version 
>> Number
>>
>> Kirk,
>>
>> Given that the Forum already publishes its Ballots - and keeps track of 
>> changes within the documents - and given CAs are already required to 
>> annually review their CP/CPS (in addition to following the current published 
>> version), do you believe Gerv's response is not a perfectly reasonable and 
>> easy to accomplish approach?
>>
>> It would be useful to understand, given all the existing tools and 
>> practices, what's missing.
>>
>> On Thu, Jul 20, 2017 at 8:19 PM, Kirk Hall via Public <public@cabforum.org> 
>> wrote:
>>> Wayne, I think your idea has merit in this special situation – and 
>>> it’s something we can probably accomplish without a ballot.
>>>
>>>
>>>
>>> Statute books commonly have notations at the end of each statute 
>>> showing all the times the statute was amended – often it will show 
>>> year and public law number (in “reverse” order with the most recent
>>> first) so users can go back and find each law that affected a current 
>>> statute.
>>>
>>>
>>>
>>> When we compile the BRs after Ballot 190 passes, we can put the BR 
>>> version number where each of the 10 methods was LAST amended by the 
>>> Forum.  That way, a CA who looks at the most recent BR compilation 
>>> will know which methods have been recently amended, and which have 
>>> not.  No one has to use this information, but it would be easy to 
>>> include in a footnote at the end of BR 3.2.2.4, and update when there is 
>>> any further change.
>>>
>>>
>>>
>>> Ben and I will discuss after Ballot 190 has passed.
>>>
>>>
>>>
>>> From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Wayne 
>>> Thayer via Public
>>> Sent: Tuesday, July 18, 2017 6:32 PM
>>> To: public@cabforum.org
>>> Subject: [EXTERNAL][cabfpub] Ballot 190 - Recording BR Version 
>>> Number
>>>
>>>
>>>
>>> Ballot 190 includes the following statement in 3.2.2.4:
>>>
>>>
>>>
>>> The CA SHALL maintain a record of which domain validation method, 
>>> including relevant BR version number, they used to validate every domain.
>>>
>>>
>>>
>>> While I understand the logic behind this, I’m concerned about the 
>>> “relevant BR version number”. This could be interpreted in a number of 
>>> imprecise ways.
>>> For instance, does ballot 202 require CAs to update their system to 
>>> record compliance with changes to the definitions in some of the methods?
>>>
>>>
>>>
>>> I suggest that we add version numbers to each of the 10 validation 
>>> methods listed in the BRs and require CAs to record compliance with 
>>> a specific version of the validation method for each domain they 
>>> validate. This allows ballot authors to explicitly increment the 
>>> version number of a given method when a material change is made, and 
>>> provides clear guidance to CAs on what version number to record.
>>>
>>>
>>>
>>> Thanks,
>>>
>>>
>>>
>>> Wayne
>>>
>>>
>>> _______________________________________________
>>> Public mailing list
>>> Public@cabforum.org
>>> https://cabforum.org/mailman/listinfo/public
>>>