[Cscwg-public] Importing BRs to CSBRs

Tue Jul 11 09:22:06 UTC 2023

Dear Members,

With CSBR version 3.3 released, we can proceed with the ballot to import 
the TLS BRs into the CSBRs. The draft ballot language is available on 
the wiki 
<https://wiki.cabforum.org/books/code-signing-certificate-wg/page/csc-19-draft-remove-ssl-br-references> 
and I am still looking for one more endorser.

You can check out the redline following this link:

  * https://github.com/cabforum/code-signing/pull/16/files#diff-808316a5bc581afeb9178b30e20a9ab01f7d62f9

If you prefer to send comments directly to the pull request, please use 
https://github.com/cabforum/code-signing/pull/16.

Thank you,
Dimitris.

On 5/4/2023 12:42 μ.μ., Dimitris Zacharopoulos (HARICA) wrote:
> Dear Members,
>
> I made some further edits to the imported requirements from the TLS 
> BRs. We can discuss tomorrow at the meeting and if there is agreement 
> we can remove the editorial notes. Please review using the Pull 
> Request link <https://github.com/cabforum/code-signing/pull/16/files>.
>
> There is a task that needs to be performed throughout the entire 
> document, and that is to scan for capitalized terms and check/confirm 
> that these terms exist in section 1.6.1 (Definitions). If they do not 
> exist, we must highlight them and then decide whether the term is ok 
> to remain without capitalized letters or if we have to create a 
> definition for them.
>
> Is there anyone that would like to volunteer to work on this specific 
> task?
>
>
> Best regards,
> Dimitris.
>
>
>
> On 15/12/2022 7:34 μ.μ., Dimitris Zacharopoulos (HARICA) wrote:
>> Martijn,
>>
>> As we discussed on today's call, we can start reviewing the EDITOR 
>> comments at the upcoming meetings until we address all of them.
>>
>> Of course Members can comment in parallel on GitHub.
>>
>> For convenience, I created a Pull Request 
>> <https://github.com/cabforum/code-signing/pull/16> for people to 
>> review more easily against the current CSBRs.
>>
>> Thanks,
>> Dimitris.
>>
>>
>> On 12/8/2022 2:40 PM, Martijn Katerbarg wrote:
>>>
>>> I’ve continued from the point where Dimitris left off. I’ve also 
>>> given it another pass and updated a few more sections. Every update 
>>> has an editor note added to it, and is now available in GitHub.
>>>
>>> The one section remaining to be done, is section 7.1.4.2.3.  This 
>>> section references BR Section 3.2 a number of times, so we appear to 
>>> need to do a complete comparison of CSCBR Section 3.2 and BR Section 
>>> 3.2, and import anything that’s “missing but relevant”.
>>>
>>> I’ve also discovered 2 potential conflicts, which are called out in 
>>> the text.  I’ll add github comments on these so we they become more 
>>> visible to everyone, and people can chime in on the items easily.
>>>
>>> Regards,
>>>
>>> Martijn
>>>
>>> *From:*Cscwg-public <cscwg-public-bounces at cabforum.org> *On Behalf 
>>> Of *Martijn Katerbarg via Cscwg-public
>>> *Sent:* Monday, 5 December 2022 11:02
>>> *To:* Dimitris Zacharopoulos (HARICA) <dzacharo at harica.gr>; 
>>> cscwg-public at cabforum.org
>>> *Subject:* Re: [Cscwg-public] Importing BRs to CSBRs
>>>
>>> CAUTION: This email originated from outside of the organization. Do 
>>> not click links or open attachments unless you recognize the sender 
>>> and know the content is safe.
>>>
>>> Dimitris, I’ll allot time this week to proceed from 7.1.4
>>>
>>> *From:*Cscwg-public <cscwg-public-bounces at cabforum.org> *On Behalf 
>>> Of *Dimitris Zacharopoulos (HARICA) via Cscwg-public
>>> *Sent:* Monday, 5 December 2022 10:34
>>> *To:* cscwg-public at cabforum.org
>>> *Subject:* Re: [Cscwg-public] Importing BRs to CSBRs
>>>
>>> CAUTION: This email originated from outside of the organization. Do 
>>> not click links or open attachments unless you recognize the sender 
>>> and know the content is safe.
>>>
>>>
>>> I continued to work in this project and imported requirements all 
>>> the way to section 7.1.4 (without working on 7.1.4) and would 
>>> appreciate it if someone could pick up from there. The remaining 
>>> references to a "BR Section" are very few but at the same time the 
>>> editor must check every BR section that was not explicitly 
>>> referenced by the CSBRs and import that language.
>>>
>>> Please check for additional comments/concerns that need to be 
>>> addressed, marked with the word "EDITOR".
>>>
>>>
>>> Thanks,
>>> Dimitris.
>>>
>>> On 30/10/2022 1:21 μ.μ., Dimitris Zacharopoulos (HARICA) via 
>>> Cscwg-public wrote:
>>>
>>>
>>>     Dear friends,
>>>
>>>     With the publication of CSBRs version 3.2, I created a branch
>>>     and started importing TLS BRs (already completed sections 1 and
>>>     2). You can monitor the progress in:
>>>
>>>       * https://github.com/cabforum/code-signing/blob/importTLSBRrefs/docs/CSBR.md
>>>         <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fcode-signing%2Fblob%2FimportTLSBRrefs%2Fdocs%2FCSBR.md&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7Cb21e19797fc3421a077308dad6a7c401%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638058313293596224%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=LnBHnnGIT3SJSGHOUyZz3%2BccSJpWvg1ut8SZYLoIvD0%3D&reserved=0>
>>>
>>>     Since we will make a full pass of the TLS BRs and EVGs, I
>>>     believe it is a good opportunity to import the requirements
>>>     from*the latest TLS BRs/EVGs* (1.8.4/1.7.9 respectively). If we
>>>     encounter some controversial requirements between the latest
>>>     versions and the ones currently referenced that need more
>>>     discussion, we will bring this back to the WG to discuss/resolve.
>>>
>>>     Digicert (Corey) and Sectigo (Martijn) have already declared
>>>     their intent to assist in this process. If there are more
>>>     volunteers, please reply to this thread so we can possibly
>>>     break-down the sections.
>>>
>>>     Please let me know if you have any questions or concerns.
>>>
>>>     Best regards,
>>>
>>>     Dimitris.
>>>
>>>     _______________________________________________
>>>
>>>     Cscwg-public mailing list
>>>
>>>     Cscwg-public at cabforum.org
>>>
>>>     https://lists.cabforum.org/mailman/listinfo/cscwg-public
>>>     <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fcscwg-public&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7Cb21e19797fc3421a077308dad6a7c401%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638058313293596224%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Qhs0l%2B0l8vSDqeiu024Id%2BQ6GvOE2RJ1LVQrwu4q25g%3D&reserved=0>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20230711/0b6c14c9/attachment.html>