Mozilla votes "yes" on this ballot. On Tue, Apr 23, 2024, 5:59 PM Clint Wilson via Netsec <netsec@cabforum.org> wrote:
> Ballot NS-003 is proposed by Clint Wilson of Apple and endorsed by Trevoli > Ponds-White of Amazon and David Kluge of Google Trust Services. > > *Purpose of Ballot* > > This ballot proposes a comprehensive restructuring of the Network and > Certificate System Security Requirements (NCSSRs), excepting Section 4. The > current structure of the document has proven to be challenging for creating > ballots, contains duplicated requirements, and separates similar > requirements across the document. These issues have led to inefficiencies > in managing and implementing security standards. Therefore, this proposal > aims to streamline the document's structure, eliminate redundancies, > improve comprehensibility, and enhance clarity and coherence. > > *Reasons for Proposal:* > > > - *Complexity in Ballot Creation*: The current document structure can > make it difficult to create and manage ballots efficiently, leading to > somewhat awkward updating processes, abandoned ballots, and a lack of > confidence that ballots effect the intended changes. > - *Redundancy*: Over time, some parts of the NCSSRs have touched on > the same topic, leading to some duplication across the document and further > to confusion and inconsistency in implementation. > - *Fragmentation*: Similar requirements for different parts of a CA’s > NCSSR-relevant infrastructure are scattered throughout the document, making > it somewhat more difficult for to locate and comprehend a complete picture > of these requirements effectively. > - *Minor Issues*: The document contains other, more minor issues that > also impede its usability and effectiveness, such as missing definitions, > unclear list structures, and requirements that are more optional than they > may currently appear. > > > *Benefits of the Updated Document Structure:* > > > - *Enhanced Clarity*: The revised structure should improve the clarity > and coherence of the document, making the requirements it represents easier > to understand, as well as result in greater consistency when implementing > or assessing its security requirements. > - *Future Updates*: A more granular document structure should improve > the process of creating and managing ballots in the future. Similarly, the > improved proximity of related requirements should hopefully aid in > identifying the areas the NCSSRs can most benefit from further attention. > - *Grouping and De-duplication of Similar Requirements*: By > consolidating duplicated requirements, the updated document should make it > much easier to find, comprehend, assess, and implement related > requirements. > - *Clearer Recommendations*: The updated document includes a number of > additional “SHOULD”-type stipulations, clarifying some of the language in > the current NCSSRs such that it’s easier to identify where the NCSSRs > impose a strict requirement as opposed to a strong recommendation. > > > Overall, this ballot proposal seeks to address existing challenges in > updating the current version of the NCSSRs and pave the way for future > improvements to the NCSSRs. > > *MOTION BEGINS* > > This ballot modifies the “Network and Certificate System Security > Requirements” as follows, based on version 1.7: > > > https://github.com/cabforum/netsec/compare/c62a2f88e252de5c79b101fa3c9e9c536388639a...8bd66d27c07e30d1f4d9e6dd57b075bca499bf2e > > *MOTION ENDS* > > The procedure for approval of this ballot is as follows: > > *Discussion Period* (14+ days) > > Start Time: 2024-April-09 16:00 UTC > End Time: 2024-April-23 15:59 UTC > > *Voting Period* (7 days) > > Start Time: 2024-April-23 16:00 UTC > End Time: 2024-April-30 16:00 UTC > _______________________________________________ > Netsec mailing list > Netsec@cabforum.org > https://lists.cabforum.org/mailman/listinfo/netsec >
_______________________________________________ Netsec mailing list Netsec@cabforum.org https://lists.cabforum.org/mailman/listinfo/netsec