Ballot Forum-17 – Creation of Network Security Working Group

Ballot overview

• Ballot FORUM-17 created the Network Security Working Group.
• The ballot also amended the Server Certificate Working Group charter to remove references to the Network and Certificate System Security Requirements.
• The ballot states that the voting completed and the ballot passed.

Voting results

• Certificate Issuers: 22 yes votes, 0 no votes, 0 abstentions.
• Certificate Consumers: 2 yes votes, 0 no votes, 0 abstentions.
• The bylaws requirements were met for Certificate Issuers, Certificate Consumers, adoption, and quorum.
• The page notes that a vote placed by GlobalTrust was not received on the public list and will not be counted.

What the ballot does

• Creates the Network Security Working Group under the CA/Browser Forum bylaws.
• Gives the NetSec WG responsibility for maintaining the NCSSRs and related security work.
• Allows the NetSec WG to make security-related recommendations to other Forum working groups.
• Sets the NetSec WG end date as continuing until dissolved by a vote of the CA/B Forum.
• Establishes participation, voting structure, leadership, communication, and IPR policy terms for the new working group.

Next steps and timing

• Existing CA/Browser Forum members must declare intent to participate in the NetSec WG by email to questions@cabforum.org, including voting class and representative details.
• The page recommends doing this by January 15, 2022.
• The acting chair was to convene a meeting tentatively scheduled for Tuesday, January 18, 2022, at 2 PM EDT.
• The voting period began on 2021-12-16 19:00 UTC and ended on 2021-12-23 19:00 UTC.
• Discussion ran from 2021-12-09 18:00:00 UTC to 2021-12-16 19:00:00 UTC.

Charter and operational details

• The NetSec WG scope includes modifying and maintaining the NCSSRs, recommending security improvements, creating new security requirements or best practices, and performing risk and security analyses.
• The NetSec WG is not to adopt requirements, guidelines, or maintenance guidelines concerning certificate profiles, validation processes, certificate issuance, certificate revocation, or subscriber obligations, which remain within other working groups’ purview.
• Membership is limited to organizations that are Certificate Issuer Members or Certificate Consumer Members of the SCWG, CSCWG, or SMCWG.
• Members must declare participation before participating by requesting to be added to the mailing list.
• The initial Chair is Clint Wilson and the initial Vice-Chair is David Kluge.
• The Chair and Vice-Chair serve until October 31, 2022, or until replaced, resigned, or otherwise disqualified.
• The charter states that the NetSec WG will produce and maintain versions of the NCSSRs, and version 1.7 remains valid until replaced by a subsequent version.