[Cscwg-public] F2F Minutes

Bruce Morton Bruce.Morton at entrust.com
Tue Mar 2 20:02:02 UTC 2021


Moved to public list.

 

The CSBRs state, “The Timestamp Authority MUST use a new Timestamp
Certificate with a new private key no later than every 15 months to minimize
the impact to users in the event that a Timestamp Certificate's private key
is compromised. The validity for a Timestamp Certificate must not exceed 135
months. The Timestamp Certificate MUST meet the "Minimum Cryptographic
Algorithm and Key Size Requirements" in Appendix A for the communicated time
period.” As such, the CSBRs are stating that the Timestamp Certificate
private key has a lifetime of 15 months for signing. 

 

The change will reduce the validity period of the certificate from 135
months to 15 months. The reason is that the Windows application will check
the validity period of the Timestamp Certificate. The signature should be
trusted if it occurred at a time when the Code Signing certificate was valid
(i.e., not expired or revoked). The time will be asserted with the timestamp
token.

 

Bruce.

 

From: Atsushi Inaba <atsushi.inaba at globalsign.com> 
Sent: Tuesday, March 2, 2021 2:51 PM
To: Bruce Morton <Bruce.Morton at entrust.com>; cscwg-management at cabforum.org
Cc: Atsushi Inaba <atsushi.inaba at globalsign.com>
Subject: [EXTERNAL] [EXTERNAL] RE: F2F Minutes

 

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the
content is safe.

  _____  

Hello Bruce,

 

Thank you for sharing the material.

 

Could I make sure the consideration about the validity

period of TSA certificate ?  How the private key and

certificate of TSA are used when the max validity of TSA

certificate is 15 months?  

 

Sorry, I missed the TSA validity related discussion at

last CSCWG meeting.  ( I was dozing off, maybe...)

 

Sorry to trouble you.

 

Atsushi Inaba

―――――――――――――――――――――――――――――

GMO GlobalSign K.K.

 

Business Planning

Atsushi Inaba

 

1-2-3, Dogenzaka, Shibuya Ku, Tokyo, Japan

150-0043

 

TEL: +81-3-6370-6671

FAX: +81-3-6370-6505

E-MAIL: atsushi.inaba at globalsign.com <mailto:atsushi.inaba at globalsign.com> 

URL:https://jp.globalsign.com/

―――――――――――――――――――――――――――――

THANK YOU 25 YEARS Internet for Everyone

―――――――――――――――――――――――――――――

■ GMO INTERNET GROUP ■ http://www.gmo.jp/

―――――――――――――――――――――――――――――

This e-mail message is intended to be conveyed only to the 

designated recipient(s). If you are NOT the intended 

recipient(s) of this e-mail, please kindly notify the sender 

immediately and delete the original message from your system.

 

From: Cscwg-management <cscwg-management-bounces at cabforum.org
<mailto:cscwg-management-bounces at cabforum.org> > On Behalf Of Bruce Morton
via Cscwg-management
Sent: Wednesday, March 3, 2021 3:57 AM
To: Bruce Morton <Bruce.Morton at entrust.com <mailto:Bruce.Morton at entrust.com>
>; cscwg-management at cabforum.org <mailto:cscwg-management at cabforum.org> 
Subject: Re: [Cscwg-management] F2F Minutes

 

Here are the slides,
https://wiki.cabforum.org/_media/cscwg/f2f_cswg_20210302_v2.pdf.

 

Bruce.

 

From: Cscwg-management <cscwg-management-bounces at cabforum.org
<mailto:cscwg-management-bounces at cabforum.org> > On Behalf Of Bruce Morton
via Cscwg-management
Sent: Tuesday, March 2, 2021 10:42 AM
To: cscwg-management at cabforum.org <mailto:cscwg-management at cabforum.org> 
Subject: [EXTERNAL] [Cscwg-management] F2F Minutes

 

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the
content is safe.

  _____  

I will use a presentation for today’s meeting.

 

Can someone volunteer to take minutes? The slides will really help. 

 

Thanks, Bruce.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210302/ad6a5b2d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4929 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210302/ad6a5b2d/attachment-0001.p7s>


More information about the Cscwg-public mailing list