[Cscwg-public] Signing Service Update
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Tue Nov 15 07:39:39 UTC 2022
On 4/11/2022 4:08 μ.μ., Bruce Morton wrote:
>
> Please find attached the proposal for the Signing Service update.
>
> https://github.com/cabforum/code-signing/pull/12/commits/0ea86c90f90bdd39581f36214dfb6690f09b32de
>
> @Dimitris Zacharopoulos (HARICA) <mailto:dzacharo at harica.gr>, could
> you please review sections 8.4.2 and 8.4.3 to make sure I have covered
> the ETSI audit criteria.
>
Hi Bruce,
I added a proposed change
<https://github.com/cabforum/code-signing/pull/12/files#r1022431181> for
the Time-stamping audit scheme under ETSI.
I have not had time to review the entire PR but I would like to explore
the option of adding the CEN 419 241 audit scheme as a 3rd option for
signing services in section 8.4.2 which provides an excellent assurance
level for service providers managing signing keys on behalf of Subscribers.
Thanks,
Dimitris.
> I am looking for any other proposed changes, plus two endorsers.
>
> Thanks, Bruce.
>
> /Any email and files/attachments transmitted with it are confidential
> and are intended solely for the use of the individual or entity to
> whom they are addressed. If this message has been sent to you in
> error, you must not copy, distribute or disclose of the information it
> contains. _Please notify Entrust immediately_ and delete the message
> from your system./
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20221115/4da79ddb/attachment.html>
More information about the Cscwg-public
mailing list