TrustAsia votes YES on Ballot SC-073. Best regards, Rollin Yu
> On Apr 26, 2024, at 08:00, Wayne Thayer via Servercert-wg > <servercert-wg@cabforum.org> wrote: > > Purpose of Ballot SC-073 > This ballot proposes updates to the Baseline Requirements for the Issuance > and Management of Publicly-Trusted TLS Server Certificates related to weak > and compromised private keys. These changes lie primarily in Section 6.1.1.3 > <http://6.1.1.3/>: > > 6.1.1.3(4) clarifies that, for the purpose of this requirement, CAs shall be > made aware of compromised keys using their existing notification mechanism(s). > 6.1.1.3(5) improves guidance for CAs around the detection of weak keys. > Should this ballot pass, these changes become effective on November 15, 2024. > > Notes: > > This ballot builds on the extensive work done by SSL.com in creating ballot > SC-59v2 Weak Key Guidance. SSL.com’s contributions are appreciated. > Thanks to Rob Stradling of Sectigo for the generation and publication of the > set of Debian weak keys referenced in this ballot. > The Debian weak keys requirements have been discussed extensively, including > in the following threads: > https://lists.cabforum.org/pipermail/servercert-wg/2024-March/004291.html and > https://lists.cabforum.org/pipermail/servercert-wg/2024-April/004422.html > This ballot does not appear to conflict with any other ballots that are > currently under discussion. > > > The following motion has been proposed by Wayne Thayer of Fastly, and > endorsed by Brittany Randall of GoDaddy and Bruce Morton of Entrust. > — Motion Begins — > This ballot modifies the “Baseline Requirements for the Issuance and > Management of Publicly-Trusted Certificates” (“Baseline Requirements”), based > on Version 2.0.3. > MODIFY the Baseline Requirements for the Issuance and Management of > Publicly-Trusted TLS Server Certificates as specified in the following > Redline: > Here is a link to the immutable GitHub redline: > https://github.com/cabforum/servercert/compare/a65402cff89affe1fc0a1f0e49807c7e42e1608a...bee10c8e4a56815bffd59fab12cbd4044baa7cc0 > > — Motion Ends — > This ballot proposes a Final Maintenance Guideline. The procedure for > approval of this ballot is as follows: > Discussion (7+ days) > > Start time: 2024-04-18 00:00:00 UTC > End time: 2024-04-26 00:00:00 UTC > Vote for approval (7 days) > > Start time: 2024-04-26 00:00:00 UTC > End time: 2024-05-03 00:00:00 UTC > _______________________________________________ > Servercert-wg mailing list > Servercert-wg@cabforum.org > https://lists.cabforum.org/mailman/listinfo/servercert-wg
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Servercert-wg mailing list Servercert-wg@cabforum.org https://lists.cabforum.org/mailman/listinfo/servercert-wg
