[Cscwg-public] CSCWG Agenda Apr 15, 2021
Adriano Santoni
adriano.santoni at staff.aruba.it
Mon Apr 19 13:31:22 UTC 2021
All,
as agreed during the last CSWG call, I am attaching to this post a first
attempt to revise CSBR §16.3 aimed at clarifyng what kind of CC
certifications can reasonably be considered acceptable of a hardware
crypto module for code signing (by the Subscriber).
I cannot help but observe, however, that the third option (bullet) in
§16.3, although later on is "not recommended", is still allowed although
antithetical to the second. Basically, this is saying: "you must use a
certified device, but not necessarily". From a logical point of view, it
seems to me that it makes no sense. I suppose there is a rationale,
probably discussed a long time ago ...
Regards
Adriano
Il 14/04/2021 22:08, Bruce Morton via Cscwg-public ha scritto:
>
> MINUTE TAKER: *??*
>
> 1. Roll Call
> 2. Antitrust statement
> 3. Approval of prior meeting minutes (8 April 2021)
> 4. Cross-sign Roots (Corey)
> 5. Certificate Policy OID for Time-stamping (Bruce)
> 6. Common Criteria requirement – update required for CSBRs?
> 7. CSCWG-6 ballot - status/questions (Ian)
> 8. Clean-up ballot – status (Bruce) – SAN, CRL, FIPS 140-*2*,
> Root/SubCA Key size, Cross-certificate, TS SHA-1, Interoperability
> verification
> 9. Any other business
> 10. Next Meeting Apr 22^nd
>
> **
>
> *Bruce.*
>
>
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210419/f9ecdf46/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: baseline_requirements_for_the_issuance_and_management_of_code_signing.v2.3 revised Adriano (redline).docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 125609 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210419/f9ecdf46/attachment-0001.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210419/f9ecdf46/attachment-0001.p7s>
More information about the Cscwg-public
mailing list