[Cscwg-public] Final Minutes for Code Signing Working Group
Dean Coclin
dean.coclin at digicert.com
Thu Aug 29 10:05:09 MST 2019
Approved Meeting Minutes
1. Call to order
2. Roll call performed - Bruce Morton, Tomas Gutavsson, Tony Rutkowski,
Tim Callen, Jason Cooper, Rich Smith, Gordon Bock, Ben Wilson, Hugh Mercer
3. Anti-trust statement was read
4. Approved minutes from August 1, 2019 meeting
5. No new members to the form.
6. Code Signing final guidelines have been ratified by the CAB Forum
a. Now we can make changes to the guidelines
b. Ben will post the guideline on a CAB Forum page
c. Microsoft will need to update this link http://aka.ms/csbr to point
to the CAB Forum page
d. After which, CASC should be requested to remove old guideline from
their resource page https://casecurity.org/resources/
7. Discussed the ability to separate Time-stamping from the Code
Signing guidelines as it has been stated this is outside of the charter of
this Working Group.
a. Ben proposed to re-charter the Code Signing working group re-charter
to include Time-stamping
b. Concerns that Time-stamping may impact Document Signing
c. Currently there isn't a Document Signing or a Time-stamping WG
d. Proposal is to take first step to include Time-stamping in the Code
Signing WG, however if a Document Signing WG spins up then we can create
another WG specific to Time-stamping
8. Information sharing to be complete by CA members,
https://1drv.ms/x/s!Aj5mKADqdqlWhSiFqRuWpcG-FdFQ
9. Review of action items/discussion topics/additional changes
a. Jason to discuss with Mike whether we should move up the SHA1
prohibition
b. Reviewed kernel mode services
c. Maintain revocation services for 10 years
d. Working on a "clean-up" ballot for BSR's that will remove obsolete
dates, do we need to do something similar for CS?
10. No other business to discuss.
11. Adjourned.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/cscwg-public/attachments/20190829/e21b2c19/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4916 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/cscwg-public/attachments/20190829/e21b2c19/attachment.p7s>
More information about the Cscwg-public
mailing list