I went ahead and added this change to the 2.7 branch: https://github.com/mozilla/pkipolicy/commit/1e7f4edb97c4497e2e04442797ebc670e9d80b44
I removed the phrase "In addition to existing rules placed on the structure of CPs and CPSes that comply with the CA/Browser Forum Baseline Requirements" because we have S/MIME-only CP/CPS' in our program that don't have to comply with the BRs. Given that this is already a required practice, I don't expect there to be any concerns from CAs with the compliance date. If there are any CAs that will have difficulty with this date, please explain why and what a more reasonable date would be. On Mon, Apr 1, 2019 at 5:18 PM Wayne Thayer <wtha...@mozilla.com> wrote: > In October we discussed the use of "No Stipulation", empty sections, and > blank sections in CP/CPSes. [1] The result was an update to the "Required > Practices" wiki page. [2] I propose moving this into policy by adding the > following paragraph to the bottom of section 3.3 "CPs and CPSes" > > In addition to existing rules placed on the structure of CPs and CPSes >> that comply with the CA/Browser Forum Baseline Requirements, and effective >> for versions dated after 30-September, 2019, CPs and CPSes MUST be >> structured according to RFC 3647 and MUST: >> * Include at least every section and subsection defined in RFC 3647; and, >> * Only use the words "*No Stipulation*" to mean that the particular >> document imposes no requirements related to that section; and, >> * Contain no sections that are blank and have no subsections. >> > > This is https://github.com/mozilla/pkipolicy/issues/158 > > I will appreciate everyone's input on this proposal. > > - Wayne > > [1] > https://groups.google.com/d/msg/mozilla.dev.security.policy/Cth8n4mxxmQ/oWV_DgpNBAAJ > [2] > https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#CP.2FCPS_Structured_According_to_RFC_3647 > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
