<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix"><br>
HARICA abstains.<br>
<br>
Dimitris Zacharopoulos.<br>
<br>
On 3/12/2015 11:04 μμ, Dean Coclin wrote:<br>
</div>
<blockquote
cite="mid:6582F13249F5FE469EDD0ED069D6426F23145FEEEB@EDO1XCHEVSPIN43.SYMC.SYMANTEC.COM"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
p.line874, li.line874, div.line874
{mso-style-name:line874;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:701632324;
mso-list-type:hybrid;
mso-list-template-ids:1798194408 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">After a 2 week pre-ballot, the Code Signing
Working Group has now prepared the formal ballot below:<o:p></o:p></p>
<p class="MsoNormal"><u><o:p><span style="text-decoration:none"> </span></o:p></u></p>
<p class="MsoNormal"><u>Ballot 158: Adopt Code Signing Baseline
Requirements<o:p></o:p></u></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The following motion is proposed by the
Code Signing Working Group and is endorsed by Microsoft, Trend
Micro and OATI. Further information on the ballot is in the
email message below.<o:p></o:p></p>
<p class="line874"><b><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">-
- - - Motion for Ballot 158 - - - -<o:p></o:p></span></b></p>
<p class="line874"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">Be
it resolved that the CA / Browser Forum adopts the
recommendation of the Code Signing Working Group for Version
1.0 of the Baseline Requirements for Code Signing. Once
adopted, the effective date will be October 1, 2016.<o:p></o:p></span></p>
<p class="line874"><b><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">-
- - - Motion Ends - - - -<o:p></o:p></span></b></p>
<p class="MsoNormal">The review period for this ballot shall
commence at 2200 UTC on 3 Dec 2015, and will close at 2200 UTC
on 10 Dec 2015. Unless the motion is withdrawn during the
review period, the voting period will start immediately
thereafter and will close at 2200 UTC on 17 Dec 2015. Votes
must be cast by posting an on-list reply to this thread. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">A vote in favor of the motion must indicate
a clear 'yes' in the response. A vote against must indicate a
clear 'no' in the response. A vote to abstain must indicate a
clear 'abstain' in the response. Unclear responses will not be
counted. The latest vote received from any representative of a
voting member before the close of the voting period will be
counted. Voting members are listed here: <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a moz-do-not-send="true"
href="https://cabforum.org/members/">https://cabforum.org/members/</a>
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">In order for the motion to be adopted, two
thirds or more of the votes cast by members in the CA category
and greater than 50% of the votes cast by members in the
browser category must be in favor. Quorum is currently nine
(9) members– at least nine members must participate in the
ballot, either by voting in favor, voting against, or
abstaining.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Dean Coclin and Jeremy Rowley<o:p></o:p></p>
<p class="MsoNormal">Code Signing Working Group co-chairs<o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
</span><a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org"><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">public-bounces@cabforum.org</span></a><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
[</span><a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org"><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">mailto:public-bounces@cabforum.org</span></a><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">]
<b>On Behalf Of </b>Dean Coclin<br>
<b>Sent:</b> Thursday, November 19, 2015 2:01 PM<br>
<b>To:</b> CABFPub<br>
<b>Subject:</b> [cabfpub] Pre-Ballot: Code Signing
Baseline Requirements<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The Code Signing Working Group of the
CA/Browser Forum has completed its work on Version 1 of the
Code Signing Baseline Requirements. The Working Group has
been meeting over the last 2+ years to develop and bring this
topic to the Forum for approval. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">This Working Group was chartered by the
Forum at the Mozilla face to face meeting in February 2013 and
has brought together forum members and outside participants to
craft a document which we believe will help improve the
security of the ecosystem. Forum members in the working group
include: Comodo, Digicert, Entrust, ETSI, Federal PKI,
Firmaprofessional, Globalsign, Izenpe, Microsoft, Startcom,
SwissSign, Symantec, Trend Micro, WoSign as well as
non-members: Cacert, Intarsys, OTA, Richter, and Travelport.
Also, there have been several public commenting periods which
resulted in changes and revisions to the document. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The stated goal of the group was to:
“Create a set of baseline requirements for code signing that
will reduce the incidence of signed malware”. We strived to
work on 3 sub goals, which are by no means 100% solved.
However we feel that the document reflects progress towards
these goals which were:<o:p></o:p></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo2"><!--[if !supportLists]--><span
style="mso-list:Ignore">1.<span style="font:7.0pt
"Times New Roman""> </span></span><!--[endif]-->Minimize
private key theft by moving toward more secure key storage
(protection of private keys)<o:p></o:p></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo2"><!--[if !supportLists]--><span
style="mso-list:Ignore">2.<span style="font:7.0pt
"Times New Roman""> </span></span><!--[endif]-->Baseline
authentication and vetting procedures for all parties<o:p></o:p></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo2"><!--[if !supportLists]--><span
style="mso-list:Ignore">3.<span style="font:7.0pt
"Times New Roman""> </span></span><!--[endif]-->Information
sharing (notification/revocation) for fraud detection. This
piece was moved to the Information Sharing Working Group<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><u>The document is now final and no further
changes are being accepted</u>. Comments and suggestions
will be accumulated for a future version of the document.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The group is seeking 2 endorsers for the
ballot below:<o:p></o:p></p>
<p class="line874"><b><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">-
- - - Motion for Ballot XXX - - - -<o:p></o:p></span></b></p>
<p class="line874"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">Be
it resolved that the CA / Browser Forum adopts the
recommendation of the Code Signing Working Group for Version
1.0 of the Baseline Requirements for Code Signing. Once
adopted the effective date will be October 1, 2016.<o:p></o:p></span></p>
<p class="line874"><b><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">-
- - - Motion Ends - - - -<o:p></o:p></span></b></p>
<p class="MsoNormal">The review period for this ballot shall
commence at 2200 UTC on 3 Dec 2015, and will close at 2200 UTC
on 10 Dec 2015. Unless the motion is withdrawn during the
review period, the voting period will start immediately
thereafter and will close at 2200 UTC on 17 Dec 2015. Votes
must be cast by posting an on-list reply to this thread. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">A vote in favor of the motion must indicate
a clear 'yes' in the response. A vote against must indicate a
clear 'no' in the response. A vote to abstain must indicate a
clear 'abstain' in the response. Unclear responses will not be
counted. The latest vote received from any representative of a
voting member before the close of the voting period will be
counted. Voting members are listed here: <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a moz-do-not-send="true"
href="https://cabforum.org/members/">https://cabforum.org/members/</a>
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">In order for the motion to be adopted, two
thirds or more of the votes cast by members in the CA category
and greater than 50% of the votes cast by members in the
browser category must be in favor. Quorum is currently nine
(9) members– at least nine members must participate in the
ballot, either by voting in favor, voting against, or
abstaining.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Public@cabforum.org">Public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://cabforum.org/mailman/listinfo/public">https://cabforum.org/mailman/listinfo/public</a></pre>
</blockquote>
<br>
</body>
</html>