[Cscwg-public] Importing BRs to CSBRs

Wed Apr 5 09:42:41 UTC 2023

Dear Members,

I made some further edits to the imported requirements from the TLS BRs. 
We can discuss tomorrow at the meeting and if there is agreement we can 
remove the editorial notes. Please review using the Pull Request link 
<https://github.com/cabforum/code-signing/pull/16/files>.

There is a task that needs to be performed throughout the entire 
document, and that is to scan for capitalized terms and check/confirm 
that these terms exist in section 1.6.1 (Definitions). If they do not 
exist, we must highlight them and then decide whether the term is ok to 
remain without capitalized letters or if we have to create a definition 
for them.

Is there anyone that would like to volunteer to work on this specific task?

Best regards,
Dimitris.

On 15/12/2022 7:34 μ.μ., Dimitris Zacharopoulos (HARICA) wrote:
> Martijn,
>
> As we discussed on today's call, we can start reviewing the EDITOR 
> comments at the upcoming meetings until we address all of them.
>
> Of course Members can comment in parallel on GitHub.
>
> For convenience, I created a Pull Request 
> <https://github.com/cabforum/code-signing/pull/16> for people to 
> review more easily against the current CSBRs.
>
> Thanks,
> Dimitris.
>
>
> On 12/8/2022 2:40 PM, Martijn Katerbarg wrote:
>>
>> I’ve continued from the point where Dimitris left off. I’ve also 
>> given it another pass and updated a few more sections. Every update 
>> has an editor note added to it, and is now available in GitHub.
>>
>> The one section remaining to be done, is section 7.1.4.2.3.  This 
>> section references BR Section 3.2 a number of times, so we appear to 
>> need to do a complete comparison of CSCBR Section 3.2 and BR Section 
>> 3.2, and import anything that’s “missing but relevant”.
>>
>> I’ve also discovered 2 potential conflicts, which are called out in 
>> the text.  I’ll add github comments on these so we they become more 
>> visible to everyone, and people can chime in on the items easily.
>>
>> Regards,
>>
>> Martijn
>>
>> *From:*Cscwg-public <cscwg-public-bounces at cabforum.org> *On Behalf Of 
>> *Martijn Katerbarg via Cscwg-public
>> *Sent:* Monday, 5 December 2022 11:02
>> *To:* Dimitris Zacharopoulos (HARICA) <dzacharo at harica.gr>; 
>> cscwg-public at cabforum.org
>> *Subject:* Re: [Cscwg-public] Importing BRs to CSBRs
>>
>> CAUTION: This email originated from outside of the organization. Do 
>> not click links or open attachments unless you recognize the sender 
>> and know the content is safe.
>>
>> Dimitris, I’ll allot time this week to proceed from 7.1.4
>>
>> *From:*Cscwg-public <cscwg-public-bounces at cabforum.org> *On Behalf Of 
>> *Dimitris Zacharopoulos (HARICA) via Cscwg-public
>> *Sent:* Monday, 5 December 2022 10:34
>> *To:* cscwg-public at cabforum.org
>> *Subject:* Re: [Cscwg-public] Importing BRs to CSBRs
>>
>> CAUTION: This email originated from outside of the organization. Do 
>> not click links or open attachments unless you recognize the sender 
>> and know the content is safe.
>>
>>
>> I continued to work in this project and imported requirements all the 
>> way to section 7.1.4 (without working on 7.1.4) and would appreciate 
>> it if someone could pick up from there. The remaining references to a 
>> "BR Section" are very few but at the same time the editor must check 
>> every BR section that was not explicitly referenced by the CSBRs and 
>> import that language.
>>
>> Please check for additional comments/concerns that need to be 
>> addressed, marked with the word "EDITOR".
>>
>>
>> Thanks,
>> Dimitris.
>>
>> On 30/10/2022 1:21 μ.μ., Dimitris Zacharopoulos (HARICA) via 
>> Cscwg-public wrote:
>>
>>
>>     Dear friends,
>>
>>     With the publication of CSBRs version 3.2, I created a branch and
>>     started importing TLS BRs (already completed sections 1 and 2).
>>     You can monitor the progress in:
>>
>>       * https://github.com/cabforum/code-signing/blob/importTLSBRrefs/docs/CSBR.md
>>         <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fcode-signing%2Fblob%2FimportTLSBRrefs%2Fdocs%2FCSBR.md&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7Cb21e19797fc3421a077308dad6a7c401%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638058313293596224%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=LnBHnnGIT3SJSGHOUyZz3%2BccSJpWvg1ut8SZYLoIvD0%3D&reserved=0>
>>
>>     Since we will make a full pass of the TLS BRs and EVGs, I believe
>>     it is a good opportunity to import the requirements from*the
>>     latest TLS BRs/EVGs* (1.8.4/1.7.9 respectively). If we encounter
>>     some controversial requirements between the latest versions and
>>     the ones currently referenced that need more discussion, we will
>>     bring this back to the WG to discuss/resolve.
>>
>>     Digicert (Corey) and Sectigo (Martijn) have already declared
>>     their intent to assist in this process. If there are more
>>     volunteers, please reply to this thread so we can possibly
>>     break-down the sections.
>>
>>     Please let me know if you have any questions or concerns.
>>
>>     Best regards,
>>
>>     Dimitris.
>>
>>     _______________________________________________
>>
>>     Cscwg-public mailing list
>>
>>     Cscwg-public at cabforum.org
>>
>>     https://lists.cabforum.org/mailman/listinfo/cscwg-public
>>     <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fcscwg-public&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7Cb21e19797fc3421a077308dad6a7c401%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638058313293596224%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Qhs0l%2B0l8vSDqeiu024Id%2BQ6GvOE2RJ1LVQrwu4q25g%3D&reserved=0>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20230405/25d0b16b/attachment.html>