[Cscwg-public] Voting period begins: Ballot CSC-12 - CRL Revocation Date Clarification

Wojciech Trapczyński wtrapczynski at certum.pl
Thu Oct 28 06:19:34 UTC 2021


Certum votes yes on Ballot CSC-12.

W dniu 26.10.2021 o 16:01, Corey Bonnell via Cscwg-public pisze:
> 
>   CRL Revocation Date Clarification
> 
> 
>     Purpose of this ballot:
> 
> While RFC 5280, section 5.3.2 specifies that it is best practice to 
> include the Invalidity Date CRL entry extension to denote when a 
> certificate first became invalid, Certificate Consumer software commonly 
> ignores this extension in favor of using the time encoded in the CRL 
> entry revocationDate field for this purpose. This ballot clarifies that 
> CAs shall use the revocationDate to denote when a certificate first 
> became invalid even if that time precedes issuance of the latest CRL. 
> Additionally, this ballot clarifies that if the CA is becomes aware of a 
> more appropriate revocation date for a revoked Code Signing Certificate, 
> then the CA may include this date in subsequently issued CRLs and OCSP 
> responses pertaining to that revoked Code Signing Certificate.
> 
> The following motion has been proposed by Corey Bonnell of DigiCert and 
> endorsed by Rob Stradling of Sectigo and Bruce Morton of Entrust.
> 
> 
>     MOTION BEGINS
> 
> This ballot updates the “Baseline Requirements for the Issuance and 
> Management of Publicly‐Trusted Code Signing Certificates” version 2.5 
> according to the attached redline which includes:
> 
>   * Add the effective date of the CRL profile change in section 1.3.
>   * Modification of the third paragraph of section 13.2.1.
>   * Addition of two paragraphs after the third paragraph of section 13.2.1.
>   * Add explanatory footnote to the bottom of the last page of section
>     13.2.1.
> 
> 
>     MOTION ENDS
> 
> The procedure for approval of this ballot is as follows:
> 
> Discussion (7+ days)
> 
> Start Time: 2021-10-19 14:00 UTC
> 
> End Time: 2021-10-26 14:00 UTC
> 
> Vote for approval (7 days)
> 
> Start Time: 2021-10-26 14:00 UTC
> 
> End Time: 2021-11-02 14:00 UTC
> 
> 
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3765 bytes
Desc: Kryptograficzna sygnatura S/MIME
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20211028/d8dd102a/attachment.p7s>


More information about the Cscwg-public mailing list