[Cscwg-public] Final CSCWG Minutes Jan 25, 2024

Dean Coclin dean.coclin at digicert.com
Thu Feb 8 17:12:14 UTC 2024 

Here are the final minutes of the subject call:

 

CSCWG Conference Call-2024/01/25 

 

Attendees:

Scott Rea,

Corey Bonnell,

Thomas Zermeno,

Bruce Morton,

Atsushi Inaba,

Mohit Kumar,

Dean Coclin,

Brianca Martin,

Martijn Katerbarg,

Bhat Abhishek,

Trevoli Ponds-White,

Tim Crawford,

Keshava N,

Inigo Barreira,

Janet Hines,

Tim Hollebeek,

Richard Kisley,

Lucy Buecking,

Ian McMillan

 

Agenda + Notes:

1. Roll Call 

*	Completed by Dean

2. Antitrust reminder 

*	Completed by Dean

3. Approve prior meeting minutes - Jan 11th 

*	Meeting Minutes from 2024/01/11 sent out on 2024/01/12, Approved

4. Ballot CSC-21 Signing Service: Status

*	In IPR until 2024/02/18

5. Ballot CSC-22 Proposed High Risk Ballot: Status

*	In IPR until 2024/02/18

6. Proposed ballot Remove EV Guideline References status

*	Work done by Dimitris to pull in the necessary text from the EV
Guidelines and ready for feedback in
https://github.com/cabforum/code-signing/compare/main...importEVG
<https://url.avanan.click/v2/___https:/github.com/cabforum/code-signing/comp
are/main...importEVG___.YXAzOmRpZ2ljZXJ0OmE6bzo3N2JiZjFkNzkxN2NiZTg5ZThkN2Fi
YmM3MGQ3MWIwNDo2OmVkNzg6MWZjYjBhMTllMjU4ZGU2YTFiMjI1MDQwMzkxMTg2YTk5NjgyYmY1
OTkzNThhMTg3MzY0MTcwN2FhOThlZTU5MDpoOkY> 

7. Proposed ballot CSCWG charter update status

*	Completed at the Forum level, and merged.

8. Proposed ballot for Time-stamp Requirements update.

*	Martijn has a draft in CSC-XX: Timestamp Certificate, SubCA and Key
restrictions by XolphinMartijn
<https://url.avanan.click/v2/___https:/github.com/cabforum/code-signing/pull
/34___.YXAzOmRpZ2ljZXJ0OmE6bzo3N2JiZjFkNzkxN2NiZTg5ZThkN2FiYmM3MGQ3MWIwNDo2O
jEyZjI6OTQyOGI3ODJkMzRlYzUxZDUxODZiMWE4MDBlYjAzNTg1M2JmMTA0YzI5NTZhY2NjZWIzM
WFhNGJmOGVlOWE1ZDpoOkY> . Pull Request #34 . cabforum/code-signing
(github.com)
*	General pieces are to add key deletion for timestamp certs with
validity greater than 15 months, remove SHA1 tokens, and making sure offline
SubCA (TSA CA)
*	Need to add effective date for offline subCA requirements, and scope
to only new end-entity certs needing to be fulfilled from an offline subCA.

*	Can look to separately define these effective dates and make a
proposal

*	Group to review, provide feedback, and look to endorse

9. Other business

*	Membership application from Troy Anderson, Common Crypto Authority
as an Interested Party

*	No objections for adding as an Interested Party

*	Next F2F Discussion Topics?

*	Most folks will attend virtually
*	To discuss at next meeting on 2024/02/08
*	Group to bring item ideas for the F2F
*	Consider Certificate Transparency & simplifying EV code signing
*	Consider making the session at the F2F shorter (currently on Tuesday
night at 11:30pm ET, 8:30pm PT)

10. Next meeting -  February 8th    

11. Adjourn 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20240208/33af2675/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5197 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20240208/33af2675/attachment-0001.p7s>

More information about the Cscwg-public mailing list