[Cscwg-public] Voting period begins: Ballot CSC-12 - CRL Revocation Date Clarification

Inigo Barreira Inigo.Barreira at sectigo.com
Tue Oct 26 15:29:29 UTC 2021


Sectigo votes YES



De: Cscwg-public <cscwg-public-bounces at cabforum.org> En nombre de Corey
Bonnell via Cscwg-public
Enviado el: martes, 26 de octubre de 2021 16:02
Para: cscwg-public at cabforum.org
Asunto: [Cscwg-public] Voting period begins: Ballot CSC-12 - CRL Revocation
Date Clarification



CAUTION: This email originated from outside of the organization. Do not
click links or open attachments unless you recognize the sender and know the
content is safe.




CRL Revocation Date Clarification





Purpose of this ballot:


While RFC 5280, section 5.3.2 specifies that it is best practice to include
the Invalidity Date CRL entry extension to denote when a certificate first
became invalid, Certificate Consumer software commonly ignores this
extension in favor of using the time encoded in the CRL entry revocationDate
field for this purpose. This ballot clarifies that CAs shall use the
revocationDate to denote when a certificate first became invalid even if
that time precedes issuance of the latest CRL. Additionally, this ballot
clarifies that if the CA is becomes aware of a more appropriate revocation
date for a revoked Code Signing Certificate, then the CA may include this
date in subsequently issued CRLs and OCSP responses pertaining to that
revoked Code Signing Certificate.



The following motion has been proposed by Corey Bonnell of DigiCert and
endorsed by Rob Stradling of Sectigo and Bruce Morton of Entrust.




MOTION BEGINS


This ballot updates the “Baseline Requirements for the Issuance and
Management of Publicly‐Trusted Code Signing Certificates” version 2.5
according to the attached redline which includes:

*	Add the effective date of the CRL profile change in section 1.3.
*	Modification of the third paragraph of section 13.2.1.
*	Addition of two paragraphs after the third paragraph of section
13.2.1.
*	Add explanatory footnote to the bottom of the last page of section
13.2.1.


MOTION ENDS




The procedure for approval of this ballot is as follows:



Discussion (7+ days)

Start Time: 2021-10-19 14:00 UTC

End Time: 2021-10-26 14:00 UTC



Vote for approval (7 days)

Start Time: 2021-10-26 14:00 UTC

End Time: 2021-11-02 14:00 UTC



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20211026/aa105af2/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6853 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20211026/aa105af2/attachment-0001.p7s>


More information about the Cscwg-public mailing list