[Cscwg-public] [EXTERNAL] Re: Voting Begins: Ballot CSC-8 v3: Update to Revocation response mechanisms. key protection for EV certificates, and clean-up of 11.2.1 & Appendix B

Mon Mar 29 15:41:12 UTC 2021

Hi Bruce,

There was some delay in the delivery of the email, probably something 
related to our internal systems.

HARICA votes "yes" to ballot CSC-8 v3.

Thanks,
Dimitris.

On 29/3/2021 6:26 μ.μ., Bruce Morton via Cscwg-public wrote:
>
> Yes.
>
> Bruce.
>
> *From:* Dimitris Zacharopoulos <jimmy at it.auth.gr>
> *Sent:* Monday, March 29, 2021 11:04 AM
> *To:* Bruce Morton <Bruce.Morton at entrust.com>; cscwg-public at cabforum.org
> *Cc:* Ian McMillan <ianmcm at microsoft.com>
> *Subject:* [EXTERNAL] Re: [Cscwg-public] Voting Begins: Ballot CSC-8 
> v3: Update to Revocation response mechanisms. key protection for EV 
> certificates, and clean-up of 11.2.1 & Appendix B
>
> WARNING: This email originated outside of Entrust.
> DO NOT CLICK links or attachments unless you trust the sender and know 
> the content is safe.
>
> ------------------------------------------------------------------------
>
> Hi Bruce,
>
> Did Ian initiate the voting period for this ballot?
>
> DZ.
>
> Mar 29, 2021 17:44:38 Bruce Morton via Cscwg-public 
> <cscwg-public at cabforum.org <mailto:cscwg-public at cabforum.org>>:
>
>     Entrust votes Yes to ballot CSC-8.
>
>     Bruce.
>
>     *From:*Cscwg-public <cscwg-public-bounces at cabforum.org
>     <mailto:cscwg-public-bounces at cabforum.org>> *On Behalf Of *Ian
>     McMillan via Cscwg-public
>     *Sent:* Thursday, March 25, 2021 8:50 PM
>     *To:* cscwg-public at cabforum.org <mailto:cscwg-public at cabforum.org>
>     *Subject:* [EXTERNAL] [Cscwg-public] Voting Begins: Ballot CSC-8
>     v3: Update to Revocation response mechanisms. key protection for
>     EV certificates, and clean-up of 11.2.1 & Appendix B
>
>     WARNING: This email originated outside of Entrust.
>     DO NOT CLICK links or attachments unless you trust the sender and
>     know the content is safe.
>
>     ------------------------------------------------------------------------
>
>     *Ballot CSC-8 v3: Update to Revocation response mechanisms. key
>     protection for EV certificates, and clean-up of 11.2.1 & Appendix B*
>
>     Purpose of this ballot:
>
>     Address the changes needed in the Baseline Requirement for the
>     Issuance and Management of Publicly-Trusted Code Signing
>     Certificates v2.2 for:
>
>      1. Making OCSP optional with CRLs being required (13.2.1, 13.2.2,
>         Appendix B: 3C, 5C)
>      2. Added Common Criteria EAL 4+ to the supported key protection
>         crypto modules for EV certificates in light of support for RSA
>         3072 keys (16.3.2)
>      3. Clean up of Appendix B[3C] & [5C] (AIA value requirements) and
>         section 11.2.1 contradiction with RFC3161
>
>     In Appendix B, it was noted that the requirements for the
>     Timestamping (5C) and Code Signing (3C) certificates had AIA value
>     requirements to include the root certificate URL, but that should
>     be the issuing CA URL. This has been included in this ballot.
>
>     Corey Bonnell noted a contradiction in the section 11.2.1
>     regarding Timestamp in the clause “and appends it own Timestamp
>     Certificate” is an unconditional requirement for a timestamp
>     response to include the TSA certificate chain, but this conflicts
>     with RFC3161 making this clause a conditional requirement based on
>     the certReq field (missing or set to false). This clean up has the
>     clause removed from section 11.2.1.
>
>     The following motion has been proposed by Ian McMillan of
>     Microsoft, and endorsed by Dimitris Zacharopoulos of HARICA and
>     Bruce Morton of EnTrust.
>
>     --- MOTION BEGINS ---
>
>     This ballot modifies the “Baseline Requirements for the Issuance
>     and Management of Publicly‐Trusted Code Signing Certificates"
>     version 2.2 according to the attached redline.
>
>     --- MOTION ENDS ---
>
>     The procedure for approval of this ballot is as follows:
>
>     Discussion (7 days)
>     Start Time: 2021-03-18, 17:30 Eastern Time (US)
>     End Time: not before 2021-03-25, 17:30 Eastern Time (US)
>
>     Vote for approval (7 days)
>
>     Start Time: 2021-03-25, 17:30 Eastern Time (US)
>
>     End Time: 2021-04-01, 17:30 Eastern Time (US)
>
>     _______________________________________________
>     Cscwg-public mailing list
>     Cscwg-public at cabforum.org <mailto:Cscwg-public at cabforum.org>
>     https://lists.cabforum.org/mailman/listinfo/cscwg-public
>     <https://urldefense.com/v3/__https:/lists.cabforum.org/mailman/listinfo/cscwg-public__;!!FJ-Y8qCqXTj2!PUDpkMGA0tB5qvu3BPoc0aVbzLFCukYC72fR7LkI9B2Mk7_clRj19mXkPj9HwDceNYA$>
>
>
>
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210329/c884069f/attachment.html>