Here is another revision based on comments received today - https://github.com/cabforum/forum/blob/BenWilson-SCWG-charter-1.3/SCWG-charter.md, which currently reads in relevant parts:
*3. (b) Certificate Consumer:* The Certificate Consumer voting class shall consist of eligible organizations meeting the following criteria: (1) it produces a software product intended for use by the general public for browsing the Web securely; (2) it provides updates for its membership-qualifying software product at least every 6 months to ensure that customers of the Certificate Consumer are getting regular security patches; (3) it has public documentation stating that it requires Certificate Issuers to comply with the TLS Baseline Requirements; (4) its membership-qualifying software product uses a list of CA certificates to validate the chain of trust from a TLS certificate to a CA certificate in such list; (5) it publishes the list of CA certificates used to validate the chain of trust from a TLS certificate to a CA certificate in such list; *and* (6) it publishes how it adds or removes a CA certificate from such list. ... *4. (c)* Applicants that qualify as Certificate Consumers must supply the following additional information: - URL from which to download its software product intended for use by the general public for browsing the Web securely; - URL or other evidence demonstrating that it provides updates for its membership-qualifying software product at least every 6 months; - URL to its statement requiring Certificate Issuer compliance with the TLS Baseline Requirements; - URL for its list of CA certificates that its membership-qualifying software product uses to validate the chain of trust from a TLS certificate to a CA certificate in such list; and - URL or other evidence explaining its process for adding or removing a CA certificate from such list. ... *5. (a) Certificate Consumer:* A Certificate Consumer Member is suspended, and its right to vote automatically ceases, if any of the following become true: - six (6) months have elapsed since it last updated its membership-qualifying software product; - it ceases to require that Certificate Issuers comply with the TLS Baseline Requirements; - its membership-qualifying software product ceases to use a list of CA certificates to validate the chain of trust from a TLS certificate to a CA certificate in such list; - it ceases to publish such list of CA certificates used to validate the chain of trust; *or* - it ceases to publish how it adds or removes a CA certificate from such list. I'm open to comments and suggestions. Thanks, Ben On Tue, Sep 26, 2023 at 6:00 PM Aaron Gable <aa...@letsencrypt.org> wrote: > Totally understood regarding CT Logs. It's something I think we should > pursue, but perhaps not on this timeline. > > I would prefer that Certificate Consumers be required to "maintain" a list > of CA certificates. This maintenance can be as simple as copying some other > Root Program's list of trusted certificates. But I think it's helpful to > have a requirement that Certificate Consumers actively decide whether to > include individual certificates, or whether to take updates from their > upstream trust store, on an ongoing basis. > > Aaron > > On Mon, Sep 25, 2023 at 4:35 PM Ben Wilson <bwil...@mozilla.com> wrote: > >> Thanks, Martijn and Aaron, >> >> Aaron, I don't think I can add a CT-support requirement for Certificate >> Consumers at this time, although we can take the issue up for further >> conversation. >> >> Martijn, So that the duration of the probationary period is kept to six >> months, it might be better to eliminate the F2F attendance requirement. If >> we keep it, then a probationary member might have to wait until the next >> F2F (but certainly not a year). How do people feel about this? >> >> Also, I have received feedback regarding whether a Certificate Consumer >> should be required to "maintain" a full list of CAs. (I think I didn't have >> the term "maintain" in the GitHub draft of the charter, so I'm thinking >> that we might eliminate the term from the proposal.) Similarly, I'm >> concerned that a requirement to publish "how a CA can apply for >> inclusion in its root store" might make it less likely for a ballot to >> pass. So, instead of "maintaining" a (full) list, what if we left it just, >> "(4) its membership-qualifying software product uses a list of CA >> certificates to validate the chain of trust from a TLS certificate to a CA >> certificate in such list"? What are everyone's thoughts on this? >> >> Thanks, >> >> Ben >> >> On Thu, Sep 14, 2023 at 9:23 AM Aaron Gable <aa...@letsencrypt.org> >> wrote: >> >>> Hi all, >>> >>> I have a very different proposal for a Certificate Consumer membership >>> criterion. I have no objection to any of the currently-proposed criteria; >>> this could easily be in addition to them. What if we added: >>> >>> > (c) Applicants that qualify as Certificate Consumers must supply the >>> following additional information: >>> > - URL for its list of CA certificates that its membership-qualifying >>> software product uses to validate the chain of trust from a TLS certificate >>> to a CA certificate in such list; and >>> > *- URL for the Certificate Transparency log which it operates within >>> <uptime and latency constraints> and which accepts all submissions for TLS >>> certificates which chain up to any CA certificate in the list above*; >>> and >>> >>> Frankly, the Certificate Transparency ecosystem is in peril at the >>> moment. With the recent shutdown of Sectigo's Mammoth >>> <https://groups.google.com/a/chromium.org/g/ct-policy/c/Ebj2hhe5QYA/m/Cl7IW33UAgAJ> >>> log and retirement of DigiCert's Yeti >>> <https://groups.google.com/a/chromium.org/g/ct-policy/c/PVbs0ZMVeCI/m/Hf8kwuuAAQAJ> >>> and Nessie >>> <https://groups.google.com/a/chromium.org/g/ct-policy/c/MXLJFHdHdFo> >>> logs, the already-tiny handful of organizations >>> <https://googlechrome.github.io/CertificateTransparency/log_list.html> >>> operating >>> usable CT logs is feeling even smaller. So what if Certificate Consumers -- >>> the organizations which benefit most from a diverse and robust ecosystem of >>> CT logs -- were required to bring their own to the table? Running a CT log >>> is clearly non-trivial, so such a requirement would effectively demonstrate >>> that potential Certificate Consumer members are serious about operating for >>> the good of the ecosystem in the long term. >>> >>> Thanks, >>> Aaron >>> >>> On Fri, Sep 1, 2023 at 1:42 AM Martijn Katerbarg via Servercert-wg < >>> servercert-wg@cabforum.org> wrote: >>> >>>> Ben, >>>> >>>> >>>> >>>> This seems like a good option. I’d say maybe we need to increase the 6 >>>> months period to 12, otherwise within a 6 months period there may only be 1 >>>> F2F. Requiring attendance (remote or in-person) if there’s only 1 F2F in >>>> the time-span, could be hard if there’s a case of bad timing. >>>> >>>> >>>> >>>> Additionally, I’d like to request the addition of an additional >>>> criteria (although it’s related to the “publish how it decides to add or >>>> remove a CA certificate from its list.” item. I’d like to request we add a >>>> requirement to: >>>> >>>> >>>> >>>> - Publish how a CA can apply for inclusion in its root store >>>> >>>> >>>> >>>> With this addition, I’d be happy to endorse >>>> >>>> >>>> >>>> Regards, >>>> >>>> Martijn >>>> >>>> >>>> >>>> *From:* Servercert-wg <servercert-wg-boun...@cabforum.org> *On Behalf >>>> Of *Ben Wilson via Servercert-wg >>>> *Sent:* Thursday, 31 August 2023 00:50 >>>> *To:* CA/B Forum Server Certificate WG Public Discussion List < >>>> servercert-wg@cabforum.org> >>>> *Subject:* [Servercert-wg] Proposed Revision of SCWG Charter >>>> >>>> >>>> >>>> CAUTION: This email originated from outside of the organization. Do not >>>> click links or open attachments unless you recognize the sender and know >>>> the content is safe. >>>> >>>> >>>> >>>> All, >>>> >>>> >>>> >>>> Thanks for your suggestions and recommendations. I think we are much >>>> closer to an acceptable revision of the Server Certificate Working Group >>>> Charter. Here is the current draft: >>>> https://github.com/cabforum/forum/blob/BenWilson-SCWG-charter-1.3/SCWG-charter.md >>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fforum%2Fblob%2FBenWilson-SCWG-charter-1.3%2FSCWG-charter.md&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326178847047%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=v5YGnqCdwBXA4fa4h%2FMaUTSLaGOOXxUdcP5mwUYbRRA%3D&reserved=0> >>>> >>>> >>>> >>>> We have decided that a participation/attendance requirement for ongoing >>>> membership is currently too complicated to manage, but we believe it is >>>> important that there be a probationary period of six months during which >>>> all new CABF-voting applicants must attend at least 30% of the >>>> teleconferences and at least the SCWG portion of one F2F (virtually or >>>> in-person). See section 4(d) in the draft cited above. We believe that with >>>> this limited scope, we can and should measure attendance to ensure that >>>> prospective members are serious about participating in the Forum. >>>> >>>> >>>> >>>> We no longer seek to require that a Certificate Consumer have any >>>> particular size or user base (or that they meet other criteria that were >>>> floated in recent emails). Those criteria were also currently too >>>> complicated. However, in addition to those Certificate Consumer >>>> requirements that are in the existing charter, we want a Certificate >>>> Consumer to: >>>> >>>> - have public documentation stating that it requires Certificate >>>> Issuers to comply with the TLS Baseline Requirements; >>>> - maintain a list of CA certificates used to validate the chain of >>>> trust from a TLS certificate to a CA certificate in such list; and >>>> - publish how it decides to add or remove a CA certificate from its >>>> list. >>>> >>>> I am looking for two endorsers of a FORUM ballot, so if the >>>> above-referenced draft is generally acceptable, please contact me, and we >>>> can work out any remaining details. >>>> >>>> >>>> >>>> Thanks, >>>> >>>> >>>> >>>> Ben >>>> >>>> >>>> >>>> >>>> >>>> On Tue, Jul 25, 2023 at 11:07 PM Roman Fischer via Servercert-wg < >>>> servercert-wg@cabforum.org> wrote: >>>> >>>> Dear Ben, >>>> >>>> >>>> >>>> I like your two new suggestions as they offer more lightweight >>>> mechanisms. >>>> >>>> >>>> >>>> One other idea (completely ad hoc and not really thought through) would >>>> be to change the charter to allow suspension of members from the SCWG by >>>> ballot. That way a ballot could be proposed, discussed, endorsed and voted >>>> on. And since the state of “suspended membership” is well defined >>>> (including the way back to full membership), this might offer the “accused” >>>> member enough possibility to counter the “allegations” made in the ballot. >>>> It would also make transparent who wants to suspend whom for what reasons… >>>> >>>> >>>> >>>> Kind regards >>>> Roman >>>> >>>> >>>> >>>> *From:* Ben Wilson <bwil...@mozilla.com> >>>> *Sent:* Dienstag, 25. Juli 2023 17:40 >>>> *To:* Roman Fischer <roman.fisc...@swisssign.com> >>>> *Cc:* CA/B Forum Server Certificate WG Public Discussion List < >>>> servercert-wg@cabforum.org> >>>> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG >>>> Charter >>>> >>>> >>>> >>>> Thanks for your insights, Roman. >>>> >>>> >>>> >>>> I'm not yet convinced that the attendance approach would not be >>>> effective. Nevertheless, here are some other potential alternatives to >>>> discuss: >>>> >>>> >>>> >>>> 1 - require that a Certificate Consumer have a certain size userbase, >>>> or alternatively, that they be a Root Store member of the Common CA >>>> Database <https://www.ccadb.org/rootstores/how>, or >>>> >>>> 2 - require that a Certificate Consumer pay a membership fee to the >>>> CA/Browser Forum. >>>> >>>> >>>> >>>> Does anyone have any other ideas, proposals, or suggestions that we can >>>> discuss? >>>> >>>> >>>> >>>> The approaches listed above would be in addition to the following other >>>> requirements already proposed: >>>> >>>> >>>> >>>> The Certificate Consumer has public documentation stating that it >>>> requires Certification Authorities to comply with the CA/Browser Forum’s >>>> Baseline Requirements for the issuance and maintenance of TLS server >>>> certificates; its membership-qualifying software product uses a list of CA >>>> certificates to validate the chain of trust from a TLS certificate to a CA >>>> certificate in such list; and it publishes how it decides to add or remove >>>> a CA certificate from the root store used in its membership-qualifying >>>> software product. >>>> >>>> >>>> >>>> Thanks, >>>> >>>> >>>> >>>> Ben >>>> >>>> >>>> >>>> On Mon, Jul 24, 2023 at 10:48 PM Roman Fischer < >>>> roman.fisc...@swisssign.com> wrote: >>>> >>>> Dear Ben, >>>> >>>> >>>> >>>> As stated before, I’m against minimal attendance (or even participation >>>> – however you would measure that, numbers of words spoken or written?) >>>> requirements. I’ve seen in university, in private associations, policitcs… >>>> that this simply doesn’t solve the problem. I totally agree with Tim: It >>>> will create administrative overhead and not solve the problem. >>>> >>>> >>>> >>>> IMHO non-particpants taking part in the democratic process (i.e. >>>> voting) is just something we have to accept and factor in. It’s one end of >>>> the extreme spectrum. There might be over-active participants that >>>> overwhelm the group by pushing their own agenda… If we have minimum >>>> participation requirements, then we maybe should also have maximum >>>> participation rules? 😉 >>>> >>>> >>>> >>>> Rgds >>>> Roman >>>> >>>> >>>> >>>> *From:* Servercert-wg <servercert-wg-boun...@cabforum.org> *On Behalf >>>> Of *Ben Wilson via Servercert-wg >>>> *Sent:* Montag, 24. Juli 2023 21:40 >>>> *To:* Tim Hollebeek <tim.holleb...@digicert.com>; CA/B Forum Server >>>> Certificate WG Public Discussion List <servercert-wg@cabforum.org> >>>> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG >>>> Charter >>>> >>>> >>>> >>>> Tim, >>>> >>>> One problem we're trying to address is the potential for a great number >>>> of “submarine voters”. Such members may remain inactive for extended >>>> periods of time and then surface only to vote for or against something they >>>> suddenly are urged to support or oppose, without being aware of the >>>> issues. This will skew and damage the decision-making process. >>>> >>>> Another problem, that I don't think has been mentioned before, is the >>>> reliability of the CA/Browser Forum to adopt well-informed standards going >>>> forward. In other words, if something like I suggest happens, then I can >>>> see Certificate Consumers leaving the Forum and unilaterally setting very >>>> separate and distinct rules. This will result in fragmentation, >>>> inconsistency, and much more management overhead for CAs than the effort >>>> needed to keep track of attendance, which is already being done by the >>>> Forum. (If you'd like, I can share with everyone the list of members who >>>> have not voted or attended meetings in over two years.) >>>> >>>> Ben >>>> >>>> >>>> >>>> On Mon, Jul 24, 2023 at 11:41 AM Tim Hollebeek < >>>> tim.holleb...@digicert.com> wrote: >>>> >>>> What is your argument in response to the point that any potential bad >>>> actors will be trivially able to satisfy the participation metrics? >>>> >>>> >>>> >>>> I’m very worried we’ll end up doing a lot of management and tracking >>>> work, without actually solving the problem. >>>> >>>> >>>> >>>> -Tim >>>> >>>> >>>> >>>> *From:* Ben Wilson <bwil...@mozilla.com> >>>> *Sent:* Monday, July 24, 2023 10:21 AM >>>> *To:* Ben Wilson <bwil...@mozilla.com>; CA/B Forum Server Certificate >>>> WG Public Discussion List <servercert-wg@cabforum.org> >>>> *Cc:* Tim Hollebeek <tim.holleb...@digicert.com> >>>> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG >>>> Charter >>>> >>>> >>>> >>>> All, >>>> >>>> I have thought a lot about this, including various other formulas (e.g. >>>> market share) to come up with something reasonable, but I've come back to >>>> attendance as the key metric that we need to focus on. I just think that an >>>> attendance metric provides the only workable, measurable, and sound >>>> solution for determining the right to vote as a Certificate Consumer >>>> because it offers the following three elements: >>>> >>>> - Informed Decision-Making: Voting requires a comprehensive >>>> understanding of ongoing discussions and developments. Regular >>>> attendance >>>> provides members with the necessary context and knowledge to make >>>> well-informed decisions. >>>> - Commitment: Attendance is a tangible and measurable >>>> representation of a member's commitment to the Server Certificate WG and >>>> its objectives. It demonstrates a genuine interest in contributing to >>>> the >>>> development and improvement of the requirements. >>>> - Active Involvement: By prioritizing attendance, we encourage >>>> active involvement and discourage passive membership. Voting rights >>>> should >>>> be earned through consistent engagement, as this ensures that decisions >>>> are >>>> made by those who are genuinely invested in the outcomes. >>>> >>>> At this point, I'm going to re-draft a proposal for a revision to the >>>> Server Certificate WG Charter and present it on the public list (because an >>>> eventual revision of the Charter will have to take place at the Forum >>>> level). >>>> >>>> Thanks, >>>> >>>> Ben >>>> >>>> >>>> >>>> On Thu, Jul 13, 2023 at 9:45 AM Ben Wilson via Servercert-wg < >>>> servercert-wg@cabforum.org> wrote: >>>> >>>> Thanks, Tim. >>>> >>>> >>>> >>>> All, >>>> >>>> >>>> >>>> I will look closer at the distribution and use of software for browsing >>>> the internet securely, instead of participation metrics. There is at least >>>> one source, StatCounter ( >>>> https://gs.statcounter.com/browser-market-share >>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgs.statcounter.com%2Fbrowser-market-share&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326179003260%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ydD0D6sfKEJ6o2wTujCNQ%2BdatbbJCovHalOjQM9heHA%3D&reserved=0>), >>>> that purports to measure use of browsing software, both globally and >>>> regionally. Would it be worthwhile to explore distribution by region and >>>> come up with a reasonable threshold? Can we rely on StatCounter, or should >>>> we look elsewhere? >>>> >>>> >>>> >>>> Thanks, >>>> >>>> >>>> >>>> Ben >>>> >>>> >>>> >>>> On Wed, Jul 12, 2023 at 9:30 AM Tim Hollebeek via Servercert-wg < >>>> servercert-wg@cabforum.org> wrote: >>>> >>>> I have a meaningful comment. >>>> >>>> >>>> >>>> I don’t want to ever have to discuss or judge whether someone’s comment >>>> is “meaningful” or not, and I don’t think incentivizing people to post more >>>> comments than they otherwise would is helpful. >>>> >>>> >>>> >>>> I also think getting the chairs involved in any way in discussing >>>> whether a member representative did or did not have a medical condition >>>> during a particular time period is an extremely bad idea. >>>> >>>> >>>> >>>> Given that the original issue was trying to determine whether a >>>> certificate consumer is in fact a legitimate player in the ecosystem or >>>> not, I would suggest that exploring metrics like market share might be far >>>> more useful. Metrics like participation are rather intrusive and onerous, >>>> except to those who are trying to game them, and those trying to game such >>>> metrics will succeed with little or no effort. >>>> >>>> >>>> >>>> -Tim >>>> >>>> >>>> >>>> *From:* Servercert-wg <servercert-wg-boun...@cabforum.org> *On Behalf >>>> Of *Roman Fischer via Servercert-wg >>>> *Sent:* Wednesday, July 12, 2023 7:23 AM >>>> *To:* CA/B Forum Server Certificate WG Public Discussion List < >>>> servercert-wg@cabforum.org> >>>> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG >>>> Charter >>>> >>>> >>>> >>>> Dear Ben, >>>> >>>> >>>> >>>> Mandatory participation has in my experience never resulted in more or >>>> better discussions. People will dial into the telco and let it run in the >>>> background to “earn the credits”. >>>> >>>> >>>> >>>> Also, what would happen after the 90 day suspension? Would the >>>> organization be removed as a CA/B member? >>>> >>>> >>>> >>>> Rgds >>>> Roman >>>> >>>> >>>> >>>> *From:* Servercert-wg <servercert-wg-boun...@cabforum.org> *On Behalf >>>> Of *Ben Wilson via Servercert-wg >>>> *Sent:* Freitag, 7. Juli 2023 21:59 >>>> *To:* CA/B Forum Server Certificate WG Public Discussion List < >>>> servercert-wg@cabforum.org> >>>> *Subject:* [Servercert-wg] Participation Proposal for Revised SCWG >>>> Charter >>>> >>>> >>>> >>>> All, >>>> >>>> >>>> >>>> Here is a draft participation proposal for the SCWG to consider and >>>> discuss for inclusion in a revised SCWG Charter. >>>> >>>> >>>> >>>> #. Participation Requirements to Maintain Voting Privileges >>>> >>>> >>>> >>>> (a) Attendance. The privilege to vote “Yes” or “No” on ballots is >>>> suspended for 90 days if a Voting Member fails to meet the following >>>> attendance requirement over any 365-day period: >>>> >>>> - 10% of SCWG meetings for Voting Members located in time zones >>>> offset by UTC +5 through UTC +12 >>>> - 30% of SCWG meetings for Voting Members located in all other time >>>> zones >>>> >>>> (b) Meaningful Comments. Posting a Meaningful Comment is an >>>> alternative means of meeting the attendance requirement in subsection (a). >>>> A Voting Member can earn an attendance credit to make up for each missed >>>> meeting by posting a Meaningful Comment to the SCWG Public Mail List. Each >>>> Meaningful Comment is equal to attending one (1) meeting. >>>> >>>> >>>> >>>> A Meaningful Comment is one that follows the Code of Conduct and >>>> provides relevant information to the SCWG, such as new information, an >>>> insight, suggestion, or perspective related to the Scope of the SCWG, or >>>> that proposes an improvement to the TLS Baseline Requirements or EV >>>> Guidelines. It can also be something that responds to or builds on the >>>> comments of others in a meaningful way, or that offers feedback, >>>> suggestions, or solutions to the issues or challenges raised by the topic >>>> of discussion. >>>> >>>> >>>> >>>> A Meaningful Comment should be both relevant (within the Scope of the >>>> SCWG or related to the discussion that is taking place on the mailing >>>> list) and well-supported (clear reasons why the Voting Representative >>>> believes what they believe and supported by facts, data, or other >>>> information.) >>>> >>>> >>>> >>>> (c) A Voting Member that has failed to meet the attendance requirement >>>> in subsection (a) above is considered an "Inactive Member". Any Member who >>>> believes that any other Member is an Inactive Member may report that Member >>>> on the Forum's Management List by providing specific information about that >>>> Member's non-participation, and the SCWG Chair shall send written >>>> notice to the Inactive Member by email within seven (7) calendar days. The >>>> notice will include a reminder of the requirement to participate and inform >>>> the Inactive Member of the consequences of not participating. >>>> >>>> >>>> >>>> (d) Suspension of Voting Privileges. The Inactive Member's privilege to >>>> vote “Yes” or “No” on any ballot shall be temporarily suspended for a >>>> period of 90 days from the date of the notice. During the suspension >>>> period, the Inactive Member may vote “Abstain” on ballots. >>>> >>>> >>>> >>>> (e) Restoration of Voting Privilege. Voting privileges will be >>>> automatically restored to the Inactive Member upon attending three >>>> consecutive meetings. The restoration of voting privileges will be >>>> effective on the next ballot that enters the voting period after the >>>> Inactive Member meets the reactivation criteria. >>>> >>>> >>>> >>>> (f) Exceptional Circumstances. In cases where an Inactive Member can >>>> demonstrate justifiable reasons for their inability to participate, such as >>>> medical conditions or other extenuating circumstances affecting their >>>> Voting Representative(s), the SCWG Chair may review and consider >>>> reinstating voting privileges on a case-by-case basis. >>>> >>>> >>>> >>>> Thanks, >>>> >>>> >>>> >>>> Ben >>>> >>>> _______________________________________________ >>>> Servercert-wg mailing list >>>> Servercert-wg@cabforum.org >>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg >>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326179003260%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mtCK0NJkw5hpj930sutPJm39JGzqRirYiQH7YIL2XEo%3D&reserved=0> >>>> >>>> _______________________________________________ >>>> Servercert-wg mailing list >>>> Servercert-wg@cabforum.org >>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg >>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326179003260%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mtCK0NJkw5hpj930sutPJm39JGzqRirYiQH7YIL2XEo%3D&reserved=0> >>>> >>>> _______________________________________________ >>>> Servercert-wg mailing list >>>> Servercert-wg@cabforum.org >>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg >>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326179003260%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mtCK0NJkw5hpj930sutPJm39JGzqRirYiQH7YIL2XEo%3D&reserved=0> >>>> >>>> _______________________________________________ >>>> Servercert-wg mailing list >>>> Servercert-wg@cabforum.org >>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg >>>> >>>
_______________________________________________ Servercert-wg mailing list Servercert-wg@cabforum.org https://lists.cabforum.org/mailman/listinfo/servercert-wg