Re: [cabfpub] Restrict certificate lifetime to domain registration period (if certificate expiry date is greater than domain registration)

2018-01-11 Thread James Burton via Public
*The Baseline Requirements, Section 4.9.1.1, requires that the CA revoke if:* *6. The CA is made aware of any circumstance indicating that use of a Fully-Qualified Domain Name or IP* *address in the Certificate is no longer legally permitted (e.g. a court or arbitrator has revoked a Domain Name*

[cabfpub] FW: [EXTERNAL]Re: Analysis of individuals participating as Interested Parties

2018-01-11 Thread Kirk Hall via Public
No, I dropped the Public list accidentally – reposting now. From: Ryan Sleevi [mailto:sle...@google.com] Sent: Thursday, January 11, 2018 3:13 PM To: Kirk Hall Subject: Re: [EXTERNAL]Re: [cabfpub] Analysis of individuals participating as Interested Parties Oh, I

Re: [cabfpub] Restrict certificate lifetime to domain registration period (if certificate expiry date is greater than domain registration)

2018-01-11 Thread Ryan Sleevi via Public
The Baseline Requirements, Section 4.9.1.1, requires that the CA revoke if: 6. The CA is made aware of any circumstance indicating that use of a Fully-Qualified Domain Name or IP address in the Certificate is no longer legally permitted (e.g. a court or arbitrator has revoked a Domain Name

[cabfpub] Restrict certificate lifetime to domain registration period (if certificate expiry date is greater than domain registration)

2018-01-11 Thread James Burton via Public
Shouldn't we start restricting the certificate lifetime to domain registration period if the certificate expiry date is greater than domain registration period? ___ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] Pre-Ballot 206 - Amendment to IPR Policy & Bylaws re Working Group Formation

2018-01-11 Thread Ben Wilson via Public
Here is a revised draft. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dimitris Zacharopoulos via Public Sent: Thursday, January 11, 2018 8:53 AM To: CA/Browser Forum Public Discussion List Subject: Re: [cabfpub] Pre-Ballot 206 - Amendment to IPR Policy

Re: [cabfpub] Analysis of individuals participating as Interested Parties

2018-01-11 Thread Ryan Sleevi via Public
On Thu, Jan 11, 2018 at 1:18 PM, Kirk Hall via Public wrote: > > It’s possible we could solve this problem simply by changing the > definition of Participants in our IPRA to also include “individuals”, in > addition to entities. But that could apply to all “individuals” who

[cabfpub] Analysis of individuals participating as Interested Parties

2018-01-11 Thread Kirk Hall via Public
Sorry, I forgot to add one important point - "Participant" is defined as an entity that is a member of the Forum - so that means that no Interested Party (individual or entity) is bound by the duties of a "Participant". I definitely think we need to correct our documents as to all Interested

[cabfpub] Final Minutes for CA/Browser Forum Teleconference – Dec. 14, 2017

2018-01-11 Thread Kirk Hall via Public
Final Minutes for CA/Browser Forum Teleconference – Dec. 14, 2017 Attendees: Arno Fiedler (D-TRUST), Atsushi Inaba (GlobalSign), Ben Wilson (DigiCert), Bruce Morton (Entrust), Christopher Kemmerer (SSL.com), Corey Bonnell (Trustwave), Curt Spann (Apple), Daymion Reynolds (GoDaddy), Dean Coclin

[cabfpub] Automated OV

2018-01-11 Thread Matthias Merkel via Public
I had an idea a few months ago which I just remembered again. Basically it is possible to automate OV using D APIs (because most CAs use that for validation). I've also not found any guideline requiring OV to be manual or require human interaction (though I could be wrong of course). Is that

Re: [cabfpub] Ballot 218: Remove validation methods #1 and #5

2018-01-11 Thread Tim Hollebeek via Public
Ok great. Ryan, I will work with you in github today on ironing out updated language, then get it posted here? (Obviously, anyone else who wants to join the discussion there can do so). -Tim From: Daymion T. Reynolds [mailto:dreyno...@godaddy.com] Sent: Wednesday, January 10, 2018

Re: [cabfpub] Pre-Ballot 206 - Amendment to IPR Policy & Bylaws re Working Group Formation

2018-01-11 Thread Dimitris Zacharopoulos via Public
I filled the attached in the governance WG on Tuesday about the Server Certificate Working Group Charter, which didn't make it in the version distributed by Ben. These are some comments for definitions of Application Software Suppliers and Qualified Auditors. I also think we need to update the

Re: [cabfpub] Ballot 218: Remove validation methods #1 and #5

2018-01-11 Thread Tim Hollebeek via Public
That's a good point. -Tim > -Original Message- > From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase > Markham via Public > Sent: Thursday, January 11, 2018 4:41 AM > To: Ryan Sleevi ; CA/Browser Forum Public Discussion > List ;

Re: [cabfpub] Ballot 218: Remove validation methods #1 and #5

2018-01-11 Thread Tim Hollebeek via Public
My personal preference would be to keep a proposed new method out of this ballot. It’s complicated enough as is. Also, your proposal needs more specificity about the exact details of the protocol. We saw yesterday that validation methods that contain a single sentence (#10) may not have

Re: [cabfpub] Ballot 218: Remove validation methods #1 and #5

2018-01-11 Thread Gervase Markham via Public
On 10/01/18 23:49, Ryan Sleevi via Public wrote: > "3.2.2.4.11 Validating Applicant as a Domain Contact Nit: for some time, 3.2.2.4.11 was "Any Other Method". I think we should not reuse numbers in this section, for clarity. So the motion should specify 3.2.2.4.11 as "[Obsoleted]" and have this