On 27/4/2018 5:08 μμ, Arno Fiedler via Public wrote:
Hello Dimitris,
please change the proposed text
--------------------------------------
"ETSI EN 319 401 v2.1.1 or newer" AND "ETSI EN 319 411-1 v1.1.1
---------------------------------------
to
------------------------------------
"ETSI EN 319 411-1 v1.1.1 or later, or ETSI EN 319 411-2 v.2.1.1 or
later."
------------------------------------------
EN 319 401 "General Policy Requirements for Trust Service Providers"
covers the basic (eIDAS-) Requirements
I still propose a longer discussing phase >21 days.
Best regards
Arno/
/
Your proposed change is not correct. There were previous discussions in
the Forum which resulted that the 411-2 is not applicable to the CA/B
Forum baseline requirements.
I thought the "background" information of the ballot would explain the
goal of aligning between WebTrust and ETSI which is precisely why we
added the 401 to align with "WebTrust for CAs" and the 411-1 to align
with the "WebTrust for CAs SSL Baseline with Network Security".
Happy to extend the discussion phase if anyone brings any substantial
objections or concerns with the current proposal.
Best regards,
Dimitris.
//
Am 27.04.2018 um 13:58 schrieb Dimitris Zacharopoulos via Public:
On 27/4/2018 2:21 μμ, Arno Fiedler via Public wrote:
Hello Dimitris,
so starting at Mai 1th is fine, if we get 21 days for discussion.
Best regards
arno
Hi Arno,
The discussion has already begun on April 23rd. As already discussed,
if no new information is presented, the final ballot (with no
changes) will be sent, probably on April 30, stating that the voting
will begin on May 1st with no more possible updates to the ballot.
Best Regards,
Dimitris.
Am 27.04.2018 um 07:39 schrieb Dimitris Zacharopoulos via Public:
So far the discussion has been quiet which either means people
generally agree with the ballot or that nobody had time to review
it :-)
I plan on starting the voting period on May 1st unless we hear some
strong objections.
Best Regards,
Dimitris.
On 23/4/2018 8:18 πμ, Dimitris Zacharopoulos via Public wrote:
The following motion has been proposed by Dimitris Zacharopoulos
of HARICA and endorsed by Moudrick M. Dadashov of SSC and Tim
Hollebeek from Digicert.
*Background*:
Section 8.4 of the Baseline Requirements describes the audit
criteria for CAs that issue Publicly-Trusted SSL/TLS Certificates.
This ballot attempts to achieve two things:
1. Remove the old ETSI TS documents
2.
Align the WebTrust and ETSI requirements
"WebTrust for Certification Authorities" is equivalent to "ETSI EN
319 401" and "WebTrust Principles and Criteria for Certification
Authorities – SSL Baseline with Network Security" is equivalent to
"ETSI EN 319 411-1".
*-- MOTION BEGINS --*
Replace the first two numbered items in section 8.4 from:
1.
WebTrust for Certification Authorities v2.0;
2. A national scheme that audits conformance to ETSI TS 102 042 /
ETSI EN 319 411-1; or
to:
1.
"WebTrust for CAs v2.0 or newer" AND "WebTrust for CAs SSL
Baseline with Network Security v2.2 or newer"; or
2. "ETSI EN 319 401 v2.1.1 or newer" AND "ETSI EN 319 411-1
v1.1.1"; or
*-- MOTION ENDS --*
The procedure for this ballot is as follows (exact start and end
times may be adjusted to comply with applicable Bylaws and IPR
Agreement):
*BALLOT 223 Status: Update BR Section 8.4 for CA audit criteria*
*Start time (22:00 UTC)*
*End time (22:00 UTC)*
Discussion (7+ days)
23 April 2018
30 April 2018
Vote for approval (7 days)
TBD
TBD according to voting start time
If vote approves ballot: Review Period (Chair to send Review
Notice) (30 days)
If Exclusion Notice(s) filed, ballot approval is rescinded and PAG
to be created.
If no Exclusion Notices filed, ballot becomes effective at end of
Review Period.
Votes must be cast by posting an on-list reply to this thread on
the Public Mail List.
Upon filing of Review Notice by Chair
30 days after filing of Review Notice by Chair
From the Bylaws section 2.4(a): "If the Draft Guideline Ballot is
proposing a Final Maintenance Guideline, such ballot will include
a redline or comparison showing the set of changes from the Final
Guideline section(s) intended to become a Final Maintenance
Guideline, and need not include a copy of the full set of
guidelines. Such redline or comparison shall be made against the
Final Guideline section(s) as they exist at the time a ballot is
proposed, and need not take into consideration other ballots that
may be proposed subsequently, except as provided in Section 2.4(j)
below".
Votes must be cast by posting an on-list reply to this thread on
the Public list. A vote in favor of the motion must indicate a
clear 'yes' in the response. A vote against must indicate a clear
'no' in the response. A vote to abstain must indicate a clear
'abstain' in the response. Unclear responses will not be counted.
The latest vote received from any representative of a voting
member before the close of the voting period will be counted.
Voting members are listed here: https://cabforum.org/members/
<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmembers%2F&data=02%7C01%7C%7C38331e54981341187a6508d5ac014ae7%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636604043901501245&sdata=hxkdSje8Fvk6xsS942EenBP2jU43pcvRSv0gJIPJ4fg%3D&reserved=0>
In order for the motion to be adopted, two thirds or more of the
votes cast by members in the CA category and greater than 50% of
the votes cast by members in the browser category must be in
favor. Quorum is shown on CA/Browser Forum wiki. Under the Bylaws
section 2.3(g), at least the required quorum number must
participate in the ballot for the ballot to be valid, either by
voting in favor, voting against, or abstaining.
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
_______________________________________________
Public mailing list
[email protected]
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fpublic&data=02%7C01%7C%7C38331e54981341187a6508d5ac014ae7%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636604043901657497&sdata=yfcaS78wsAZVH7wtKQ5APB%2F0ejm2tk%2BtxzSu6vwz3HM%3D&reserved=0
--
Arno Fiedler
Nimbus Technologieberatung GmbH
Reichensteiner Weg 17
14195 Berlin
Mobil: 0049-(0)172-3053272
Fax: 0049-(0)30-89745-777
E-Mail:[email protected]
Web:www.nimbus-berlin.com
Geschäftsführer: Arno Fiedler
USt-IdNr. : DE 203 269 920
D-U-N-S® Nr. 50-730-8117
HandelsregisterNr:HRB 109409 B
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
_______________________________________________
Public mailing list
[email protected]
https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fpublic&data=02%7C01%7C%7C3c87c7d9811346a665a408d5ac364b00%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636604271537492849&sdata=lMCiXnkjP9TKMGovj%2BZM5msLUCl4Olfp9wPFvMaOXwo%3D&reserved=0
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
