[Cscwg-public] Voting period begins: Ballot CSC-12 - CRL Revocation Date Clarification

Bruce Morton Bruce.Morton at entrust.com
Tue Nov 2 15:34:11 UTC 2021

Hi Andrea,

Unfortunately, this vote is too late as it was received at 14:57 UTC and the deadline was 14:00 UTC. The good news is the ballot has passed.

Thanks, Bruce.

From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Andrea Holland via Cscwg-public
Sent: Tuesday, November 2, 2021 10:57 AM
To: cscwg-public at cabforum.org
Subject: [EXTERNAL] Re: [Cscwg-public] Voting period begins: Ballot CSC-12 - CRL Revocation Date Clarification

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.
SecureTrust votes yes on CSC-12.

From: Cscwg-public <cscwg-public-bounces at cabforum.org<mailto:cscwg-public-bounces at cabforum.org>> On Behalf Of Corey Bonnell via Cscwg-public
Sent: Tuesday, October 26, 2021 10:02 AM
To: cscwg-public at cabforum.org<mailto:cscwg-public at cabforum.org>
Subject: [Cscwg-public] Voting period begins: Ballot CSC-12 - CRL Revocation Date Clarification

CRL Revocation Date Clarification

Purpose of this ballot:
While RFC 5280, section 5.3.2 specifies that it is best practice to include the Invalidity Date CRL entry extension to denote when a certificate first became invalid, Certificate Consumer software commonly ignores this extension in favor of using the time encoded in the CRL entry revocationDate field for this purpose. This ballot clarifies that CAs shall use the revocationDate to denote when a certificate first became invalid even if that time precedes issuance of the latest CRL. Additionally, this ballot clarifies that if the CA is becomes aware of a more appropriate revocation date for a revoked Code Signing Certificate, then the CA may include this date in subsequently issued CRLs and OCSP responses pertaining to that revoked Code Signing Certificate.

The following motion has been proposed by Corey Bonnell of DigiCert and endorsed by Rob Stradling of Sectigo and Bruce Morton of Entrust.

This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates” version 2.5 according to the attached redline which includes:

  *   Add the effective date of the CRL profile change in section 1.3.
  *   Modification of the third paragraph of section 13.2.1.
  *   Addition of two paragraphs after the third paragraph of section 13.2.1.
  *   Add explanatory footnote to the bottom of the last page of section 13.2.1.


The procedure for approval of this ballot is as follows:

Discussion (7+ days)
Start Time: 2021-10-19 14:00 UTC
End Time: 2021-10-26 14:00 UTC

Vote for approval (7 days)
Start Time: 2021-10-26 14:00 UTC
End Time: 2021-11-02 14:00 UTC

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20211102/a0353955/attachment-0001.html>

More information about the Cscwg-public mailing list