[Cscwg-public] CSCWG Agenda Apr 15, 2021

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Tue Apr 20 11:26:27 UTC 2021 

Adriano,

Can you please share some examples of public certifications of equipment 
(HSMs and/or crypto-tokens) that contain this additional TOE security 
requirements information? This will be helpful for CAs and subscribers 
when deciding what equipment to purchase, but also auditors that will 
check that this equipment meets the compliance requirements.


Thank you,
Dimitris.

On 19/4/2021 4:31 μ.μ., Adriano Santoni via Cscwg-public wrote:
>
> All,
>
> as agreed during the last CSWG call, I am attaching to this post a 
> first attempt to revise CSBR §16.3 aimed at clarifyng what kind of CC 
> certifications can reasonably be considered acceptable of a hardware 
> crypto module for code signing (by the Subscriber).
>
> I cannot help but observe, however, that the third option (bullet) in 
> §16.3, although later on is "not recommended", is still allowed 
> although antithetical to the second. Basically, this is saying: "you 
> must use a certified device, but not necessarily". From a logical 
> point of view, it seems to me that it makes no sense. I suppose there 
> is a rationale, probably discussed a long time ago ...
>
> Regards
>
> Adriano
>
>
> Il 14/04/2021 22:08, Bruce Morton via Cscwg-public ha scritto:
>>
>> MINUTE TAKER: *??*
>>
>>  1. Roll Call
>>  2. Antitrust statement
>>  3. Approval of prior meeting minutes (8 April 2021)
>>  4. Cross-sign Roots (Corey)
>>  5. Certificate Policy OID for Time-stamping (Bruce)
>>  6. Common Criteria requirement – update required for CSBRs?
>>  7. CSCWG-6 ballot -  status/questions (Ian)
>>  8. Clean-up ballot – status (Bruce) – SAN, CRL, FIPS 140-*2*,
>>     Root/SubCA Key size, Cross-certificate, TS SHA-1,
>>     Interoperability verification
>>  9. Any other business
>> 10. Next Meeting Apr 22^nd
>>
>> **
>>
>> *Bruce.*
>>
>>
>> _______________________________________________
>> Cscwg-public mailing list
>> Cscwg-public at cabforum.org
>> https://lists.cabforum.org/mailman/listinfo/cscwg-public
>
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210420/b187e18c/attachment-0001.html>

More information about the Cscwg-public mailing list