[Cscwg-public] [Cscwg-management] CEN standards

Inigo Barreira Inigo.Barreira at sectigo.com
Fri Nov 4 13:13:00 UTC 2022 

Ok, will review it and suggest changes if any



De: Bruce Morton <Bruce.Morton at entrust.com>
Enviado el: viernes, 4 de noviembre de 2022 13:59
Para: Inigo Barreira <Inigo.Barreira at sectigo.com>;
cscwg-public at cabforum.org; Dimitris Zacharopoulos (HARICA) <dzacharo at harica.
gr>
Asunto: RE: [Cscwg-management] CEN standards



CAUTION: This email originated from outside of the organization. Do not
click links or open attachments unless you recognize the sender and know the
content is safe.



Hi Inigo,



Perhaps it would be best if some one which has access to the document can
review and suggest text, which they think could be added to the CSBRs. We do
not want to reference the document as being a requirement. We are just
trying to update the CSBRs to ensure we have sufficient requirements for a
Signing Service.



Thanks, Bruce.



From: Cscwg-management <cscwg-management-bounces at cabforum.org
<mailto:cscwg-management-bounces at cabforum.org> > On Behalf Of Inigo Barreira
via Cscwg-management
Sent: Friday, November 4, 2022 8:53 AM
To: Dimitris Zacharopoulos (HARICA) <dzacharo at harica.gr
<mailto:dzacharo at harica.gr> >; cscwg-management at cabforum.org
<mailto:cscwg-management at cabforum.org>
Subject: [EXTERNAL] Re: [Cscwg-management] CEN standards



WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the
content is safe.

  _____

Hi,



There´s no such a process nor any liaison with CEN so I´m afraid there´s
nothing we can do at the moment. I´ve been in contact with CEN and also
ETSI just in case (ETSI TC ESI has also access to the latest working draft
from CEN because there´s a liaison between both entities but for ESI
internal use only) but there´s no option, as of now, that we may have that
document (except from buying it).

Unfortunately, I can´t share it here either.



We can try to establish a relationship with CEN but I don´t see how
considering the nature of their procedures and work and that the CABF is not
an incorporated entity or alike, but we can ask.



Regards



De: Dimitris Zacharopoulos (HARICA) <dzacharo at harica.gr
<mailto:dzacharo at harica.gr> >
Enviado el: viernes, 4 de noviembre de 2022 12:10
Para: Inigo Barreira <Inigo.Barreira at sectigo.com
<mailto:Inigo.Barreira at sectigo.com> >; cscwg-management at cabforum.org
<mailto:cscwg-management at cabforum.org>
Asunto: Re: [Cscwg-management] CEN standards



CAUTION: This email originated from outside of the organization. Do not
click links or open attachments unless you recognize the sender and know the
content is safe.



Hi Inigo,

In past discussions with Nick Pope (Vice Chair of ETSI ESI TC) about how the
CABF could potentially use text from ETSI documents, he said that there is a
process in which ETSI can examine and potentially give a perpetual license
(or something like that). Obviously the source would need to be mentioned in
the document, etc, etc.

Is it a good time to do a similar inquiry to CEN? I don't think we plan to
copy the entire standard but perhaps some sections of interest to this
group. Of course, the CABF Guidelines are distributed with Creative Commons
attribution 4.0 International license and must continue to use this license
which means free distribution.

As Tim said, if there is no such process within CEN, it's probably a
non-starter to copy exact sections/paragraphs from CEN 419 241 into the
CSBRs.


Thanks,
Dimitris.

On 4/11/2022 10:56 π.μ., Inigo Barreira via Cscwg-management wrote:

Hi there,



After the yesterday call, I got in touch with the CEN TC224 chairman to know
how to obtain a copy of the server signing CEN standards for our review.

The answer is:

Unfortunately, I do not know any possibility to get the CEN standards free
of charge. Even the WG members only have the latest working draft. This is
because the national standardisation committees like DIN or AENOR etc. are
(partly) financed by selling the final version of the standards.



I have a working draft of the standard that I can share but don´t know if
this is the latest one. I´ve asked him if he can provide us with the latest
working draft to share.



Regards



_______________________________________________
Cscwg-management mailing list
Cscwg-management at cabforum.org <mailto:Cscwg-management at cabforum.org>
https://lists.cabforum.org/mailman/listinfo/cscwg-management <https://nam04.
safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmai
lman%2Flistinfo%2Fcscwg-management&data=05%7C01%7CInigo.Barreira%40sectigo.c
om%7C0d2fe580b7cb46d0723508dabe6460fc%7C0e9c48946caa465d96604b6968b49fb7%7C0
%7C0%7C638031635581358852%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIj
oiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5dQgMRHvGfeki
dLV32Em8SU%2B%2Bf%2FC05ZlUj63RXp0cyI%3D&reserved=0>



Any email and files/attachments transmitted with it are confidential and are
intended solely for the use of the individual or entity to whom they are
addressed. If this message has been sent to you in error, you must not copy,
distribute or disclose of the information it contains. Please notify Entrust
immediately and delete the message from your system.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20221104/a667f26c/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6853 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20221104/a667f26c/attachment-0001.p7s>

More information about the Cscwg-public mailing list