<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p><font face="Calibri">Hi all,<br>
</font></p>
<p><font face="Calibri">I already made the following proposal
previously, both in writing here on the mailing list and also
verbally during the last call (at the very last minutes as it
was not on the agenda, sorry), but I don't see it mentioned in
the call minutes of May 8 below, so I'll try to propose it
again. <br>
<br>
Among the methods for the "Validation of individual identity"
(SMBR 3.2.4.2), as part of the validation process of a request
for an S/MIME IV certificate (or an SV certificate, where there
is no Enterprise RA involved), I think it would make sense to
admit - in addition to a digital signature based on an eIDAS
compliant qualified certificate - also a digital signature based
on another S/MIME IV or SV (BR-compliant) certificate of the
applicant. This seems quite logical to me considering the rigor
inherent in the validation requirements already established by
the S/MIME BR to date. </font></p>
<p><font face="Calibri">At least in the case of <i>renewal</i>, I
think it would be completely logical and safe to accept a
request signed by the applicant with his/her current S/MIME IV
or SV certificate (the one soon to expire) without the need to
perform a further "verification of individual identity" with
other methods. </font></p>
<p><font face="Calibri">If this idea for some reason doesn't seem
practical or useful or safe enough, I'd like someone to explain
their objections or concerns.</font></p>
<p><font face="Calibri">Thank you all for your attention.</font></p>
<p><font face="Calibri">Adriano</font></p>
<p><font face="Calibri"><br>
</font></p>
<div class="moz-cite-prefix">Il 11/05/2024 22:02, Stephen Davidson
via Smcwg-management ha scritto:<br>
</div>
<blockquote type="cite"
cite="mid:0100018f693fd56b-e31b4721-c8ba-4ae7-a5bb-de9b42be70ce-000000@email.amazonses.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator"
content="Microsoft Word 15 (filtered medium)">
<style>@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Aptos;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:0in;
line-height:115%;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#467886;
text-decoration:underline;}p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:.5in;
mso-add-space:auto;
line-height:115%;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}p.MsoListParagraphCxSpFirst, li.MsoListParagraphCxSpFirst, div.MsoListParagraphCxSpFirst
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
mso-add-space:auto;
line-height:115%;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}p.MsoListParagraphCxSpMiddle, li.MsoListParagraphCxSpMiddle, div.MsoListParagraphCxSpMiddle
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
mso-add-space:auto;
line-height:115%;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}p.MsoListParagraphCxSpLast, li.MsoListParagraphCxSpLast, div.MsoListParagraphCxSpLast
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:.5in;
mso-add-space:auto;
line-height:115%;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Aptos",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-size:11.0pt;
font-family:"Aptos",sans-serif;}div.WordSection1
{page:WordSection1;}ol
{margin-bottom:0in;}ul
{margin-bottom:0in;}</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<title></title>
<div align="center">
<table width="30%" cellspacing="2" cellpadding="2" border="1">
<tbody>
<tr>
<td valign="top" bgcolor="#ffff00"> <span
style="color: red;">NOTICE:</span> Pay attention -
external email - Sender is
<a class="moz-txt-link-abbreviated" href="mailto:0100018f693fd56b-e31b4721-c8ba-4ae7-a5bb-de9b42be70ce-000000@amazonses.com">0100018f693fd56b-e31b4721-c8ba-4ae7-a5bb-de9b42be70ce-000000@amazonses.com</a>
</td>
</tr>
</tbody>
</table>
<br>
</div>
<br>
<div class="WordSection1">
<p class="MsoNormal" style="margin-bottom:0in">## Minutes of
SMCWG<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">May 8,
2024<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">These are the
Draft
Minutes of the meeting described in the subject of this
message.
Corrections and clarifications where needed are encouraged by
reply.<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">##
Attendees<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">Abhishek Bhat -
(eMudhra), Adriano Santoni - (Actalis S.p.A.), Aggie Wang -
(TrustAsia), Andrea Holland - (VikingCloud), Ashish Dhiman -
(GlobalSign), Ben Wilson - (Mozilla), Bruce Morton -
(Entrust),
Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Dimitris
Zacharopoulos - (HARICA), Inaba Atsushi - (GlobalSign), Inigo
Barreira - (Sectigo), Janet Hines - (VikingCloud), Judith
Spencer -
(CertiPath), Keshava Nagaraju - (eMudhra), Marco Schambach -
(IdenTrust), Martijn Katerbarg - (Sectigo), Morad Abou Nasser
-
(TeleTrust), Mrugesh Chandarana - (IdenTrust), Nome Huang -
(TrustAsia), Rebecca Kelly - (SSL.com), Renne Rodriguez -
(Apple),
Rollin Yu - (TrustAsia), Scott Rea - (eMudhra), Stefan
Selbitschka
- (rundQuadrat), Stephen Davidson - (DigiCert), Tadahiko Ito -
(SECOM Trust Systems), Tathan Thacker - (IdenTrust), Tsung-Min
Kuo
- (Chunghwa Telecom), Wendy Brown - (US Federal PKI Management
Authority)<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">## 1. Roll
Call<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">The Roll Call was
taken.<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">## 2. Read
Antitrust
Statement<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">The statement was
read concerning the antitrust policy, code of conduct, and
intellectual property rights agreement.<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">## 3. Review
Agenda<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">Minutes were
prepared by Stephen Davidson.<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">## 4. Approval of
minutes from last teleconference<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">The minutes for
the
teleconference of April 24 were approved.<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">## 5.
Discussion<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal">Stephen Davidson noted that Ballot SMC06
was
in IPR until May 11. See <a
href="https://lists.cabforum.org/pipermail/smcwg-public/2024-April/000957.html"
moz-do-not-send="true" class="moz-txt-link-freetext">
https://lists.cabforum.org/pipermail/smcwg-public/2024-April/000957.html</a>.<o:p></o:p></p>
<p class="MsoNormal">The WG discussed and approved the change of
KeyFactor from an Interested Party to an Associate Member,
Ellie
Schieder as an Interested Party, and Posteo e.K as a
Certificate
Consumer.<o:p></o:p></p>
<p class="MsoNormal">The WG reviewed and discussed a ballot
proposed by Martijn Katerbarg which would bring the S/MIME BR
up to
date with a recent ballot at the TLS BR for logging.
See more at <a
href="https://github.com/cabforum/smime/issues/241"
moz-do-not-send="true" class="moz-txt-link-freetext">https://github.com/cabforum/smime/issues/241</a>
<o:p></o:p></p>
<p class="MsoNormal">The WG had an extensive discussion
regarding
the migration to Multipurpose/Strict profiles. Stephen noted
that so far only two points had been raised by Certificate
Issuers:<o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraphCxSpFirst"
style="margin-left:0in;mso-add-space:auto;mso-list:l0 level1 lfo1">Having
adequate time (such as one year) to allow ERAs using
integration
time to adapt.<o:p></o:p></li>
<li class="MsoListParagraphCxSpLast"
style="margin-left:0in;mso-add-space:auto;mso-list:l0 level1 lfo1">
Concerns relating to the impact of shorter validity on
deployments
using tokens/smartcards.<o:p></o:p></li>
</ul>
<p class="MsoNormal" style="margin-bottom:0in">Judith Spencer
and
Wendy Brown commented that the shorter validity had real
impact on
large (including public sector) deployments that use
tokens/smartcards, including:<o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraphCxSpFirst"
style="margin-bottom:0in;margin-left:0in;mso-add-space:auto;mso-list:l1 level1 lfo2">
limited storage on tokens/smartcards;<o:p></o:p></li>
<li class="MsoListParagraphCxSpMiddle"
style="margin-bottom:0in;margin-left:0in;mso-add-space:auto;mso-list:l1 level1 lfo2">
the increased burden of key exchange; and<o:p></o:p></li>
<li class="MsoListParagraphCxSpLast"
style="margin-bottom:0in;margin-left:0in;mso-add-space:auto;mso-list:l1 level1 lfo2">
and the costs of support for rekeying.<o:p></o:p></li>
</ul>
<p class="MsoNormal" style="margin-bottom:0in">The question was
raised whether it would be feasible to increase the validity
for
the Multipurpose profile to 1185 days in general, or in cases
where
tokens/smartcards are used. Clint Wilson spoke about the
security and crypto agility benefits of shorter validity
periods. It was agreed this topic would be continued in
Bergamo.<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">## 6. Any Other
Business<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">None.<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">## 7. Next
call<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">Next call: the
teleconference scheduled for May 22 has been cancelled. Next
meeting is Bergamo F2F.<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">##
Adjourned<o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:0in">
<o:p> </o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;line-height:115%"><o:p> </o:p></span></p>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Smcwg-management mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Smcwg-management@cabforum.org">Smcwg-management@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/smcwg-management">https://lists.cabforum.org/mailman/listinfo/smcwg-management</a>
</pre>
</blockquote>
</body>
</html>