[Cscwg-public] Proposal to make changes to revocation based on malware

Martijn Katerbarg martijn.katerbarg at sectigo.com
Mon Jun 27 14:03:59 UTC 2022


All,

 

As already hinted during the last meeting during the F2F, Ian and I, have been working on a proposal affecting the guidelines regarding malware based revocation.

 

The intent of this change is to:

*	Limit the number of days before a certificate needs to be revoked, especially when the subscriber is not responding to inquiries
*	Remove the OCSP log analysis requirements
*	Simplify the process that has to be followed

 

I have attached 3 documents: one with the current language, one with the proposed language, as well as a redlined version.

 

The changes have been made based on upcoming version 3.0 of the CSCBRs. In case you wish to compare with version 2.8, the relevant section is 13.1.5.3. Besides to that section, there is also a change to the “Suspect Code” definition, as well as a new definition in the proposal.

Once PR6 <https://github.com/cabforum/code-signing/pull/6>  has been merged, I will also prepare the changes in GIT for those that prefer comparing there.

 

Looking forward to comments to this and move towards a potential ballot.

Regards,

Martijn

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220627/bf560144/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CSC BR Proposal Section 4.9.1.3 - Current Language.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 21867 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220627/bf560144/attachment-0003.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CSC BR Proposal Section 4.9.1.3 - Proposed Language.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 22010 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220627/bf560144/attachment-0004.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CSC BR Proposal Section 4.9.1.3 - Redlined.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 30694 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220627/bf560144/attachment-0005.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6827 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220627/bf560144/attachment-0001.p7s>


More information about the Cscwg-public mailing list