[Cscwg-public] Update to Subscriber Private Key Protection Requirements (CSC-6 to CSC-13)

Wed Mar 2 21:56:30 UTC 2022

I would recommend against using parentheticals to express the deprecation dates, as it makes the sentences more complicated than they need to be.  I'd just modify the first sentence of each part so the structure is as follows:

   For Non-EV Code Signing Certificates issued prior to November 15, 2022, ...

   For EV Code Signing Certificates issued prior to November 15, 2022, ...

   Effective November 15, 2022, ...

But otherwise, the updates look good and we are willing to endorse CSC-13.

-Tim

From: Ian McMillan <ianmcm at microsoft.com>
Sent: Wednesday, March 2, 2022 11:31 AM
To: cscwg-public at cabforum.org; Doug Beattie <doug.beattie at globalsign.com>; Bruce Morton <bruce.morton at entrust.com>; Tim Hollebeek <tim.hollebeek at digicert.com>
Subject: Update to Subscriber Private Key Protection Requirements (CSC-6 to CSC-13)

Hi Folks,

Attached you will find an updated redline doc of v2.7 of the CSBRs with the updates to the subscriber private key protection requirements as outlined previously in CSC-6. This updated version also includes edits to address issues Doug Beattie raised during the voting period of CSC-6, so I am looking for confirmation from Doug on these edits addressing the concerns he raised.

Additionally, I'm looking to get endorsements on this ballot under CSC 13 - Update to Subscriber Private Key Protection Requirements<https://wiki.cabforum.org/cscwg/csc_13_-_update_to_subscriber_private_key_protection_requirements>, and hope that Bruce and Tim, as previous endorsers can review the edits and endorse the new ballot. Once we have endorsers I'll proceed with the formal ballot process.

Cheers,
Ian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220302/c10485d3/attachment-0001.html>