[Cscwg-public] [External Sender] Subscriber Private Key Protection Deadline Update

Adriano Santoni adriano.santoni at staff.aruba.it
Wed Sep 7 15:15:37 UTC 2022


I apologize for being so frank but ... suggesting (and by Microsoft 
itself) such a huge extension of the deadline makes me think that the 
security threats that led to the introduction of the new requirements on 
private key protection were not so well founded or important ....

Adriano

ACTALIS S.p.A.


Il 07/09/2022 16:57, Ian McMillan via Cscwg-public ha scritto:
> NOTICE: Pay attention - external email - Sender is 
> 01000183187467e5-7dfccd2b-b6c6-44cb-af0a-5feef90de6d3-000000 at amazonses.com 
>
>
>
>
> Hi Folks,
>
> Since the announcement of the new subscriber private key protection 
> requirements in CSBR v2.8 (Ballot CSC-13), I’ve fielded a number of 
> questions and feedback on the November 15, 2022 deadline. I feel it is 
> in the best interest of subscribers and CAs to delay this deadline to 
> be October 1, 2023 for a number of reasons.
>
>  1. Subscriber & CA readiness time window from v2.8 to the November
>     15, 2022 deadline is too tight.
>  2. The November 15, 2022 deadline lands too close to typical end of
>     calendar year deployment or change “freeze” periods.
>  3. The current global economic state makes investments a challenge
>     and added operational budget pressure for all parties
>     (subscribers, CAs, certificate consumers).
>  4. Supply chain challenges make obtaining the proper key protection
>     solution by November 15, 2022 increasingly difficult.
>
> The accumulation of challenges for both subscribers and CAs, I feel we 
> need to delay the deadline to be delayed. That said, I’d like to 
> propose we have a “SHOULD” date of June 1, 2023, and a “MUST” date of 
> October 1, 2023. I believe this will allow CAs and subscribers to 
> begin adoption of the new private key protection requirements ahead of 
> the enforcement deadline of October 1, 2023.
>
> I’d like to discuss this as an immediate ballot in the next WG meeting 
> scheduled for September 8, 2022.
>
> Cheers,
>
> Ian McMillan
>
>
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220907/e4d18218/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220907/e4d18218/attachment.p7s>


More information about the Cscwg-public mailing list