That may be true, but I don't see any upside for using that date. If you need to make a minor CPS update in early January for any reason, you now have additional work.
I think late December policy changes should be avoided as a general rule. -Tim > -----Original Message----- > From: dev-security-policy <dev-security-policy-boun...@lists.mozilla.org> > On Behalf Of Jakob Bohm via dev-security-policy > Sent: Wednesday, October 24, 2018 9:44 AM > To: mozilla-dev-security-pol...@lists.mozilla.org > Cc: Jakob Bohm <jb-mozi...@wisemo.com> > Subject: Re: What does "No Stipulation" mean, and when is it OK to use it in > CP/CPS? > > On 24/10/2018 00:08, Tim Hollebeek wrote: > > I agree with you, but December 31 is a particularly horrible compliance > deadline. Perhaps January 31? > > > > Note that the requirement applies only to CP/CPS dated after that date. > So it is really Dec 31 + the time until the CP/CPS is updated for some other > reason. This is different than many other policy requirements, and a > welcome reduction in administrative overhead for all concerned (including > root programs and relying parties). > > For example, it a CA updated their CP/CPS in August 2018 to comply with > new BRs, and again in May 2019 due to annual review, they need not comply > until May 2019. > > > > >> -----Original Message----- > >> From: dev-security-policy > >> <dev-security-policy-boun...@lists.mozilla.org> On Behalf Of Wayne > >> Thayer via dev-security-policy > >> Sent: Monday, October 22, 2018 6:00 PM > >> To: Kathleen Wilson <kwil...@mozilla.com> > >> Cc: mozilla-dev-security-policy > >> <mozilla-dev-security-pol...@lists.mozilla.org> > >> Subject: Re: What does "No Stipulation" mean, and when is it OK to > >> use it in CP/CPS? > >> > >> Having given this some more thought, I suggest the following changes: > >> > >> ... > >> > >> * Finally, I think we need some effective date for these as required > practices. > >> One approach would be to require compliance for any CP/CPS dated > >> after Dec 31, 2018. > >> > >> - Wayne > >> > >> On Tue, Oct 23, 2018 at 2:25 AM Kathleen Wilson via > >> dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > >> > >>> I have updated the section as follows: > >>> - Removed the sentence that was trying to limit the use of "No > >>> Stipulation". Hopefully the clarification about what these words > >>> mean is sufficient. > >>> - Added bullet points > >>> - Added "Sections MUST not be left blank. ..." > >>> > >>> > >>> > >> https://clicktime.symantec.com/a/1/Xh- > rJgK1XipLGMs1U1jQtvScEL4FB3RgBJ > >> dwBJwZeYE=?d=vW4rM0CTwt8BO- > WkB0mRKJ4JerYClzYhMZEWRTwXeQpnsTE59W7amFJ7 > >> UBJ2Lqfz4GYYK9b1- > 861DyJ4DaHeghkm5uPyaLz88lMhRqvIqIqTZA_cIJj019oR2rEK9 > >> bhkXphYgKSUVtoR8Jv4c4ZyzmC1PwABos85PgNWZUQJmHU- > PUFpXdUPJHpMF3mizDn82r > >> > k0Y2RsTkEa8rivnT6E8_XY2ct_Qb2EyuqdHD5BaiPxVGtBuabizQhhSJTxJOnwKO > WaoM- > >> G1uz_LEZUDTl53vgLqwOnLWYb8q3kLP7q7clVFhkAPULAOQGVhob01XI- > oCmWpmJtDsMG > >> > HVzmozw0E1T4208EZyfyv2L2nQKYOsdTwEScupt4ut18MDXpcevjD2CbeA2U9 > QfVhB_kA > >> _fCU3vcSLkeOXiJOLq- > YfSsXuiLvEqqmw4GLGR758pQeOj_rVwNE30jDvfqbbmg&u=htt > >> > ps%3A%2F%2Fwiki.mozilla.org%2FCA%2FRequired_or_Recommended_Pract > ices% > >> 23CP.2FCPS > >>> _Structured_According_to_RFC_3647 > >>> > >>> > >>> I continue to appreciate your feedback on this new section. > >>> > > > Enjoy > > Jakob > -- > Jakob Bohm, CIO, Partner, WiseMo A/S. > https://clicktime.symantec.com/a/1/wiu9LnSxIGejJD4uoZpqluwf3s5JsQkbpA > XBO8_i0rw=?d=vW4rM0CTwt8BO- > WkB0mRKJ4JerYClzYhMZEWRTwXeQpnsTE59W7amFJ7UBJ2Lqfz4GYYK9b1- > 861DyJ4DaHeghkm5uPyaLz88lMhRqvIqIqTZA_cIJj019oR2rEK9bhkXphYgKSUV > toR8Jv4c4ZyzmC1PwABos85PgNWZUQJmHU- > PUFpXdUPJHpMF3mizDn82rk0Y2RsTkEa8rivnT6E8_XY2ct_Qb2EyuqdHD5BaiP > xVGtBuabizQhhSJTxJOnwKOWaoM- > G1uz_LEZUDTl53vgLqwOnLWYb8q3kLP7q7clVFhkAPULAOQGVhob01XI- > oCmWpmJtDsMGHVzmozw0E1T4208EZyfyv2L2nQKYOsdTwEScupt4ut18MDX > pcevjD2CbeA2U9QfVhB_kA_fCU3vcSLkeOXiJOLq- > YfSsXuiLvEqqmw4GLGR758pQeOj_rVwNE30jDvfqbbmg&u=https%3A%2F%2F > www.wisemo.com > Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This > public discussion message is non-binding and may contain errors. > WiseMo - Remote Service Management for PCs, Phones and Embedded > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://clicktime.symantec.com/a/1/iMWW4Dv3PtBKTbZjlKIU- > irUZprQKCSffpbwg_M87H8=?d=vW4rM0CTwt8BO- > WkB0mRKJ4JerYClzYhMZEWRTwXeQpnsTE59W7amFJ7UBJ2Lqfz4GYYK9b1- > 861DyJ4DaHeghkm5uPyaLz88lMhRqvIqIqTZA_cIJj019oR2rEK9bhkXphYgKSUV > toR8Jv4c4ZyzmC1PwABos85PgNWZUQJmHU- > PUFpXdUPJHpMF3mizDn82rk0Y2RsTkEa8rivnT6E8_XY2ct_Qb2EyuqdHD5BaiP > xVGtBuabizQhhSJTxJOnwKOWaoM- > G1uz_LEZUDTl53vgLqwOnLWYb8q3kLP7q7clVFhkAPULAOQGVhob01XI- > oCmWpmJtDsMGHVzmozw0E1T4208EZyfyv2L2nQKYOsdTwEScupt4ut18MDX > pcevjD2CbeA2U9QfVhB_kA_fCU3vcSLkeOXiJOLq- > YfSsXuiLvEqqmw4GLGR758pQeOj_rVwNE30jDvfqbbmg&u=https%3A%2F%2Fl > ists.mozilla.org%2Flistinfo%2Fdev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
