[Cscwg-public] Subscriber Private Key Protection Deadline Update

Tim Hollebeek tim.hollebeek at digicert.com
Wed Sep 7 15:04:44 UTC 2022


I'm normally very supportive of SHOULD requirements, but for a deadline like this, I can unfortunately guarantee that including a June SHOULD date will have absolutely no practical effect.  Instead, I would support any and all proposals people can think of for disincentivizing people from waiting until the last minute.  It's an important problem and one I wish we had better ways of dealing with.

-Tim

From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Ian McMillan via Cscwg-public
Sent: Wednesday, September 7, 2022 10:57 AM
To: cscwg-public at cabforum.org
Subject: [Cscwg-public] Subscriber Private Key Protection Deadline Update

Hi Folks,

Since the announcement of the new subscriber private key protection requirements in CSBR v2.8 (Ballot CSC-13), I've fielded a number of questions and feedback on the November 15, 2022 deadline. I feel it is in the best interest of subscribers and CAs to delay this deadline to be October 1, 2023 for a number of reasons.


  1.  Subscriber & CA readiness time window from v2.8 to the November 15, 2022 deadline is too tight.
  2.  The November 15, 2022 deadline lands too close to typical end of calendar year deployment or change "freeze" periods.
  3.  The current global economic state makes investments a challenge and added operational budget pressure for all parties (subscribers, CAs, certificate consumers).
  4.  Supply chain challenges make obtaining the proper key protection solution by November 15, 2022 increasingly difficult.

The accumulation of challenges for both subscribers and CAs, I feel we need to delay the deadline to be delayed. That said, I'd like to propose we have a "SHOULD" date of June 1, 2023, and a "MUST" date of October 1, 2023. I believe this will allow CAs and subscribers to begin adoption of the new private key protection requirements ahead of the enforcement deadline of October 1, 2023.

I'd like to discuss this as an immediate ballot in the next WG meeting scheduled for September 8, 2022.

Cheers,
Ian McMillan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220907/8e0cbadd/attachment-0001.html>


More information about the Cscwg-public mailing list