<decloaking for a moment of IETF process discussion> > On Dec 20, 2018, at 8:32 AM, Rob Stradling via Servercert-wg > <[email protected]> wrote: > > Sectigo votes NO. > > We don't object to the idea behind this ballot, and we don't have any > specific objections to the content of this ballot either. However, the > IETF has a process for defining new CAA properties, and this process > needs to be followed. > > https://tools.ietf.org/html/rfc6844#section-7.2 says: > "Addition of tag identifiers requires a public specification and > Expert Review as set out in [RFC6195], Section 3.1.1." > > The BRs is a "public specification", certainly. However, *before* the > new CAA property proposed by this ballot can become enshrined as a > requirement in the BRs: > 1. An application for "Expert Review" must be submitted > and > 2. An "approved" response from the designated Expert must be received > > Since IANA has not yet assigned any Expert(s) to the caa-properties > registry [1], it's clear that the required "Expert Review" has not yet > occurred. > > > [1] > https://www.iana.org/assignments/pkix-parameters/pkix-parameters.xhtml#caa-properties
It is worthwhile noting the paragraph of RFC 6844 immediately after the one quoted above: The tag space is designed to be sufficiently large that exhausting the possible tag space need not be a concern. The scope of Expert Review SHOULD be limited to the question of whether the specification provided is sufficiently clear to permit implementation and to avoid unnecessary duplication of functionality. Even though there is not yet an expert reviewer (which is odd, given that they've had almost six years to make that assignment), this text makes it sound like the registration in this ballot would very likely be accepted, and if it wasn't, an appeal would almost certainly win. If this ballot passes, someone from CABForum should send a message to the IESG saying "there was no reviewer, we added a property that we think meets the requirements, and as soon as you assign an expert reviewer (cough cough) we will submit this to the registry". --Paul Hoffman
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
