Hi, Could the ballot author and endorsers please provide some additional explanation and context surrounding this ballot? As far as I can recall, this topic hasn’t been discussed since SC-062, so it’s rather coming out of nowhere as a ballot proposal (which is, of course, totally fine, but also still abrupt/confusing). Why is this difference between the TBRs and the EVGs necessary/valuable for the WG to address at the moment?
You indicate that this is a discrepancy introduced by Ballot SC-062, but I don’t see how that’s the case. Before SC-062, the TBRs specified policyQualifiers as Optional and after as NOT RECOMMENDED. Neither of these match the MUST present in the EVGs and both of these are compatible/non-conflicting with the MUST present in the EVGs. Thanks, -Clint > On Mar 15, 2024, at 3:01 AM, Paul van Brouwershaven via Servercert-wg > <servercert-wg@cabforum.org> wrote: > > This ballot updates the TLS Extended Validation Guidelines (EVGs) by removing > the exceptions to policyQualifiers in section 9.7, to align them with the > Baseline Requirements (BRs).As result, this ballot changes policyQualifiers > from MUST to NOT RECOMMENDED as stated in the TLS Baseline Requirements, > resolving a discrepancy introduced byBallot SC-62v2 > <https://cabforum.org/2023/03/17/ballot-sc62v2-certificate-profiles-update/> > between section 7.1.2.7.9 Subscriber Certificate Policies > <https://cabforum.org/working-groups/server/baseline-requirements/requirements/#71279-subscriber-certificate-certificate-policies> > of the BRs and the Additional Technical Requirements for EV Certificates > <https://cabforum.org/working-groups/server/extended-validation/guidelines/#97-additional-technical-requirements-for-ev-certificates> > in the EVGs. > > The following motion has been proposed by Paul van Brouwershaven (Entrust) > and endorsed by Dimitris Zacharopoulos (HARICA) and Iñigo Barreira (Sectigo). > > You can view and comment on the GitHub pull request representing this ballot > here:https://github.com/cabforum/servercert/pull/490 > > --- Motion Begins --- > > This ballot modifies the “Guidelines for the Issuance and Management of > Extended Validation Certificates” (“EV Guidelines”) as follows, based on > version 1.8.1: > > MODIFY the Extended Validation Guidelines as specified in the following > redline: > https://github.com/cabforum/servercert/compare/8e7fc7d5cac0cc27c44fe2aa88cf45f5606f4b94...7b9bb1dbfd41b1d0459b8a985ed629ad841ce122 > > > --- Motion Ends --- > > Discussion (at least 7 days): > - Start: 2024-03-15 10:00 UTC > - End no earlier than 2024-03-22 10:00 UTC > > Vote for approval (7 days): > - Start: TBD > - End: TBD > > Any email and files/attachments transmitted with it are intended solely for > the use of the individual or entity to whom they are addressed. If this > message has been sent to you in error, you must not copy, distribute or > disclose of the information it contains. Please notify Entrust immediately > and delete the message from your system. > _______________________________________________ > Servercert-wg mailing list > Servercert-wg@cabforum.org <mailto:Servercert-wg@cabforum.org> > https://lists.cabforum.org/mailman/listinfo/servercert-wg
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Servercert-wg mailing list Servercert-wg@cabforum.org https://lists.cabforum.org/mailman/listinfo/servercert-wg