[Cscwg-public] FW: Code Signing Summit Review and Actions

Dean Coclin dean.coclin at digicert.com
Thu Mar 26 15:04:29 MST 2020 

The Code Signing Summit was held on March 18th via the Microsoft Teams
collaboration tool. 

 

Attendees: Dean Coclin, Mike Reilly, Bruce Morton, Daniela Hood, Julio
Montano, Eva Van Steenberge, Mark Waldron, Hugh Mercer, Atsushi Inaba,
Joanna Fox, Karina Sirota, Tim Crawford, Karthik Ramsany, Tim Hollebeek, Ian
McMillan, Corey Bonell, Thomas Zermeno, Gordon Bock, Thanos Vrachnos,
Dimitris Zacharopoulos, Vikas Khanna, Jeffrey Sutherland, Leo Grove, Rashmi
Jha, Chris Kemmerer, Aaron Russell, Scott Olsen

 

Summary: Led by Bruce, the group reviewed the EV Code Signing and the
Minimum Requirements (MR) for Code Signing documents in an attempt to merge
the two into a single document. The goal was to merge without changing
anything but some minor changes were allowed to fix obvious errors. The MR
document was used as the baseline and where EV requirements were added, they
were preceded by the text "For EV Certificates.". The group spent several
hours working on this and was able to get through the entire document.
Several items were put into a "parking lot" for future review. 

 

Actions: The group agreed to review the following sections at a later time:

1.	Section 11.1.1
2.	Section 16.3 (add cloud based)
3.	Section 16.4
4.	How to identify individuals working on open source code as part of a
consortium
5.	Warranty section
6.	ETSI Audit section
7.	Timestamp data retention
8.	Appendix A

 

The group will continue to meet per the normal schedule and work on the
above issues before publishing the draft for review by all members.

 

A big thank you to Bruce Morton for all his prep work and facilitating the
conversation. Also thank you to Microsoft for organizing the event and use
of the Teams service which greatly helped us in this virtual meeting.

 

 

 

Dean Coclin

CSCWG Chair

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/cscwg-public/attachments/20200326/ebd15b6e/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4916 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/cscwg-public/attachments/20200326/ebd15b6e/attachment-0001.p7s>

More information about the Cscwg-public mailing list