<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
HARICA votes "yes" to ballot CSC-24 (v3).<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 20/5/2024 12:05 μ.μ., Martijn
Katerbarg via Cscwg-public wrote:<br>
</div>
<blockquote type="cite"
cite="mid:0100018f953f65df-7641593a-2f7c-4362-87f8-123c2ad7b911-000000@email.amazonses.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator"
content="Microsoft Word 15 (filtered medium)">
<style>@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Aptos;
panose-1:2 11 0 4 2 2 2 2 2 4;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Aptos",sans-serif;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#467886;
text-decoration:underline;}p.null, li.null, div.null
{mso-style-name:null;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Aptos",sans-serif;}span.pl-mh
{mso-style-name:pl-mh;}span.apple-converted-space
{mso-style-name:apple-converted-space;}span.EmailStyle25
{mso-style-type:personal-reply;
font-family:"Aptos",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-size:11.0pt;
mso-ligatures:none;}div.WordSection1
{page:WordSection1;}ol
{margin-bottom:0cm;}ul
{margin-bottom:0cm;}</style>
<div class="WordSection1">
<div id="mail-editor-reference-message-container">
<div>
<div>
<div>
<p><strong><span
style="font-family:"Aptos",sans-serif;color:#212121">Purpose
of the Ballot</span></strong><o:p></o:p></p>
<p class="MsoNormal"
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-this-ballot-updates-"><span
style="color:#212121">This ballot updates the
“Baseline Requirements for the Issuance and
Management of Publicly</span><span
style="font-family:"Cambria Math",serif;color:#212121">‐</span><span
style="color:#212121">Trusted Code Signing
Certificates“ version 3.7 in order to clarify
language regarding Timestamp Authority Private Key
Protection. The main goals of this ballot are to:</span><o:p></o:p></p>
<ol id="bkmrk-remove-dependencies-" type="1" start="1">
<li class="null"
style="color:#212121;mso-list:l0 level1 lfo1"><span
class="pl-mh"><span style="font-size:11.0pt">Require
Private Keys associated with newly issued
Timestamp Authority Subordinate CA to be stored
in offline HSMs</span></span><o:p></o:p></li>
<li class="null"
style="color:#212121;mso-list:l0 level1 lfo1"><span
class="pl-mh"><span style="font-size:11.0pt">Require
newly issued Timestamp Certificates to be issued
from a TSA CA with its Private key storedn in
offline HSMs</span></span><o:p></o:p></li>
<li class="null"
style="color:#212121;mso-list:l0 level1 lfo1"><span
class="pl-mh"><span style="font-size:11.0pt">Add a
requirement to remove Private Keys associated
with Timestamp Certificates after a 18 months</span></span><o:p></o:p></li>
<li class="null"
style="color:#212121;mso-list:l0 level1 lfo1"><span
class="pl-mh"><span style="font-size:11.0pt">Add a
requirement to reject SHA-1 timestamp requests</span></span><o:p></o:p></li>
</ol>
<p class="MsoNormal"
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-the-following-motion"><span
style="color:#212121">The following motion has been
proposed by Martijn Katerbarg of Sectigo and
endorsed by Bruce Morton of Entrust and Ian McMillan
of Microsoft.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#212121"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-%C2%A0motion-begins"><strong><span
style="font-family:"Aptos",sans-serif;color:#212121">MOTION
BEGINS</span></strong><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#212121"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-this-ballot-updates--1"><span
style="color:#212121">This ballot updates the
“Baseline Requirements for the Issuance and
Management of Publicly</span><span
style="font-family:"Cambria Math",serif;color:#212121">‐</span><span
style="color:#212121">Trusted Code Signing
Certificates” ("Code Signing Baseline Requirements")
based on version 3.7. MODIFY the Code Signing
Baseline Requirements as specified in the following
redline:<span class="apple-converted-space"> <a
href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fcode-signing%2Fcompare%2Fd431d9104094f2b89f35ed4bf1d64b9a844e762b...61d9426e9025d448a13eb56fa75b9651b2136548&data=05%7C02%7Cmartijn.katerbarg%40sectigo.com%7Caa1b8192390640ced2f608dc70d613fa%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638509311986804205%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=AQ8Z9jdMXCd%2FZtJHMaHlONu1OTZWqjz8qOrV13KLQX4%3D&reserved=0"
moz-do-not-send="true">https://github.com/cabforum/code-signing/compare/d431d9104094f2b89f35ed4bf1d64b9a844e762b...61d9426e9025d448a13eb56fa75b9651b2136548</a></span>
</span><o:p></o:p></p>
<p
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-motion-ends"><strong><span
style="font-family:"Aptos",sans-serif;color:#212121">MOTION
ENDS</span></strong><o:p></o:p></p>
<p class="MsoNormal"
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-the-procedure-for-th"><span
style="color:#212121">The procedure for this ballot
is as follows:</span><o:p></o:p></p>
<p
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-discussion-%287-days%29"><span
style="color:#212121">Discussion (7 days)</span><o:p></o:p></p>
<ul
style="margin-top:0cm;font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-start-time%3A-09-09-20" type="disc">
<li class="MsoNormal"
style="color:#212121;mso-list:l2 level1 lfo2">Start
Time: 2024-05-10 10:45 UTC<o:p></o:p></li>
<li class="MsoNormal"
style="color:#212121;mso-list:l2 level1 lfo2">End
Time: Not before 2024-05-<span
style="color:windowtext" lang="EN-US">20</span><span
lang="EN-US"> </span><span
style="color:windowtext" lang="EN-US">09</span>:<span
style="color:windowtext" lang="EN-US">0</span>5
UTC<o:p></o:p></li>
</ul>
<p
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-vote-for-approval-%287"><span
style="color:#212121">Vote for approval (7 days)</span><o:p></o:p></p>
<ul
style="margin-top:0cm;font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"
id="bkmrk-start-time%3A-09-16-20" type="disc">
<li class="MsoNormal"
style="color:#212121;mso-list:l1 level1 lfo3">Start
Time: <span style="color:windowtext" lang="SV">2024-05-20
09:05 UTC</span><o:p></o:p></li>
<li class="MsoNormal"
style="color:#212121;mso-list:l1 level1 lfo3">End
Time:<span style="color:windowtext" lang="SV">
2024-05-27 09:05 UTC</span><o:p></o:p></li>
</ul>
<p class="MsoNormal"
style="font-variant-caps:normal;orphans:auto;text-align:start;widows:auto;word-spacing:0px"><span
style="color:#212121"> </span><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Cscwg-public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Cscwg-public@cabforum.org">Cscwg-public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/cscwg-public">https://lists.cabforum.org/mailman/listinfo/cscwg-public</a>
</pre>
</blockquote>
<br>
</body>
</html>