[Cscwg-public] Voting period begins: Ballot CSC-12 - CRL Revocation Date Clarification

Christopher Kemmerer chris at ssl.com
Tue Nov 2 03:04:24 UTC 2021 

SSL.com votes YES on ballot CSC-12.

On 10/27/2021 12:56 AM, Dimitris Zacharopoulos (HARICA) via Cscwg-public 
wrote:
> HARICA votes "yes" to ballot CSC-12.
>
> On 26/10/2021 5:01 μ.μ., Corey Bonnell via Cscwg-public wrote:
>>
>>
>>   CRL Revocation Date Clarification
>>
>>
>>     Purpose of this ballot:
>>
>> While RFC 5280, section 5.3.2 specifies that it is best practice to 
>> include the Invalidity Date CRL entry extension to denote when a 
>> certificate first became invalid, Certificate Consumer software 
>> commonly ignores this extension in favor of using the time encoded in 
>> the CRL entry revocationDate field for this purpose. This ballot 
>> clarifies that CAs shall use the revocationDate to denote when a 
>> certificate first became invalid even if that time precedes issuance 
>> of the latest CRL. Additionally, this ballot clarifies that if the CA 
>> is becomes aware of a more appropriate revocation date for a revoked 
>> Code Signing Certificate, then the CA may include this date in 
>> subsequently issued CRLs and OCSP responses pertaining to that 
>> revoked Code Signing Certificate.
>>
>> The following motion has been proposed by Corey Bonnell of DigiCert 
>> and endorsed by Rob Stradling of Sectigo and Bruce Morton of Entrust.
>>
>>
>>     MOTION BEGINS
>>
>> This ballot updates the “Baseline Requirements for the Issuance and 
>> Management of Publicly‐Trusted Code Signing Certificates” version 2.5 
>> according to the attached redline which includes:
>>
>>   * Add the effective date of the CRL profile change in section 1.3.
>>   * Modification of the third paragraph of section 13.2.1.
>>   * Addition of two paragraphs after the third paragraph of section
>>     13.2.1.
>>   * Add explanatory footnote to the bottom of the last page of
>>     section 13.2.1.
>>
>>
>>     MOTION ENDS
>>
>> The procedure for approval of this ballot is as follows:
>>
>> Discussion (7+ days)
>>
>> Start Time: 2021-10-19 14:00 UTC
>>
>> End Time: 2021-10-26 14:00 UTC
>>
>> Vote for approval (7 days)
>>
>> Start Time: 2021-10-26 14:00 UTC
>>
>> End Time: 2021-11-02 14:00 UTC
>>
>>
>> _______________________________________________
>> Cscwg-public mailing list
>> Cscwg-public at cabforum.org
>> https://lists.cabforum.org/mailman/listinfo/cscwg-public
>
>
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20211101/8f92eac9/attachment-0001.html>

More information about the Cscwg-public mailing list