<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
HARICA votes "yes" to ballot CSC-22.<br>
<br>
<br>
<div class="moz-cite-prefix">On 5/1/2024 10:02 μ.μ., Bruce Morton
via Cscwg-public wrote:<br>
</div>
<blockquote type="cite"
cite="mid:0100018cdb37dedd-5ffe52a1-4a7f-483a-aae5-9b523246f6db-000000@email.amazonses.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator"
content="Microsoft Word 15 (filtered medium)">
<style>@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:DengXian;
panose-1:2 1 6 0 3 1 1 1 1 1;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}@font-face
{font-family:"MS PGothic";
panose-1:2 11 6 0 7 2 5 8 2 4;}@font-face
{font-family:"\@MS PGothic";}@font-face
{font-family:"\@DengXian";
panose-1:2 1 6 0 3 1 1 1 1 1;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:10.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:JA;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
font-size:10.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:JA;}p.null, li.null, div.null
{mso-style-name:null;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:10.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:JA;}span.pl-mh
{mso-style-name:pl-mh;}span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}div.WordSection1
{page:WordSection1;}ol
{margin-bottom:0in;}ul
{margin-bottom:0in;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p style="margin:0in"><b><span
style="font-size:13.5pt;font-family:"Arial",sans-serif;color:black">Purpose
of the Ballot</span></b><o:p></o:p></p>
<p class="MsoNormal" id="bkmrk-this-ballot-updates-"><span
style="font-size:11.0pt">This ballot updates the “Baseline
Requirements for the Issuance and Management of
Publicly‐Trusted Code Signing Certificates“ version 3.4 in
order to clarify language regarding Signing Service and
signing requests. The main goals of this ballot are to:<o:p></o:p></span></p>
<ol id="bkmrk-remove-dependencies-" type="1" start="1">
<li class="null" style="mso-list:l1 level1 lfo3"><span
class="pl-mh"><span style="font-size:11.0pt">Remove
references to High Risk Certificate Request, since the
CSBRs do not provide any actions for a high risk
application.</span><o:p></o:p></span></li>
<li class="null" style="mso-list:l1 level1 lfo3"><span
class="pl-mh"><span style="font-size:11.0pt">Remove
references to High Risk Region of Concern, since the
CSBR appendix has never been populated.<o:p></o:p></span></span></li>
<li class="null" style="mso-list:l1 level1 lfo3"><span
class="pl-mh"><span style="font-size:11.0pt">Remove rules
for a Takeover Attack to require the Subscriber to
generate keys in a crypto device, since crypto device
key generation is now a baseline requirement for all
code signing certificates.<o:p></o:p></span></span></li>
<li class="null" style="mso-list:l1 level1 lfo3"><span
class="pl-mh"><span style="font-size:11.0pt">Remove option
to transfer private key which has been generated in
software.<o:p></o:p></span></span></li>
<li class="null" style="mso-list:l1 level1 lfo3"><span
class="pl-mh"><span style="font-size:11.0pt">Cleanup to
remove Subscriber key generation option which expired
effective 1 June 2023.<o:p></o:p></span></span></li>
<li class="null" style="mso-list:l1 level1 lfo3"><span
class="pl-mh"><span style="font-size:11.0pt">Cleanup to
remove “any other method” to verify the Subscriber key
was generated in a crypto device, since this option
expired 1 June 2023.</span></span><o:p></o:p></li>
</ol>
<p class="MsoNormal"><span style="font-size:11.0pt">The
following motion has been proposed by Bruce Morton of
Entrust and endorsed by Tim Hollebeek of DigiCert and Ian
McMillan of Microsoft.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> <o:p></o:p></span></p>
<p style="margin:0in"><b><span
style="font-size:13.5pt;font-family:"Arial",sans-serif;color:#0E101A">MOTION
BEGINS</span></b><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">This ballot
updates the “Baseline Requirements for the Issuance and
Management of Publicly‐Trusted Code Signing Certificates”
("Code Signing Baseline Requirements") based on version 3.4.
MODIFY the Code Signing Baseline Requirements as specified
in the following redline: <a
href="https://urldefense.com/v3/__https:/github.com/cabforum/code-signing/compare/e0da5532ab81e35e2e92536c1bc9ea3c36765b26...50871dc08d39102daf6c93fa556a869790643fb6__;!!FJ-Y8qCqXTj2!eGQ4FLzNANTdAsLaGTDHePbCY7_W0AsXx1qTmmyTqiyaSVcoj5VGsgK7r7e1D0YQaI5U-YDAzAAi90kRle47DpUbNXxd$"
moz-do-not-send="true">
https://github.com/cabforum/code-signing/compare/e0da5532ab81e35e2e92536c1bc9ea3c36765b26...50871dc08d39102daf6c93fa556a869790643fb6</a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p style="margin:0in"><b><span
style="font-size:13.5pt;font-family:"Arial",sans-serif;color:#0E101A">MOTION
ENDS</span></b><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">The
procedure for this ballot is as follows: Discussion (minimum
7 days)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph"
style="margin-left:0in;mso-list:l2 level1 lfo6"><span
style="font-size:11.0pt">Start Time: 2023-12-15 00:00 UTC<o:p></o:p></span></li>
<li class="MsoListParagraph"
style="margin-left:0in;mso-list:l2 level1 lfo6"><span
style="font-size:11.0pt">End Time: 2024-01-05 20:00 UTC<o:p></o:p></span></li>
</ul>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Vote for
approval (7 days)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph"
style="margin-left:0in;mso-list:l2 level1 lfo6"><span
style="font-size:11.0pt">Start Time: 2024-01-05 20:00 UTC<o:p></o:p></span></li>
<li class="MsoListParagraph"
style="margin-left:0in;mso-list:l2 level1 lfo6"><span
style="font-size:11.0pt">End Time: 2024-01-12 20:00 UTC<o:p></o:p></span></li>
</ul>
</div>
<i>Any email and files/attachments transmitted with it are
intended solely for the use of the individual or entity to whom
they are addressed. If this message has been sent to you in
error, you must not copy, distribute or disclose of the
information it contains.
<u>Please notify Entrust immediately and delete the message from
your system.</u></i>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Cscwg-public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Cscwg-public@cabforum.org">Cscwg-public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/cscwg-public">https://lists.cabforum.org/mailman/listinfo/cscwg-public</a>
</pre>
</blockquote>
<br>
</body>
</html>