[cabfpub] Proposed Baseline Requirements for Code Signing Certificates

Atsushi Inaba atsushi.inaba at globalsign.co.jp
Fri Nov 15 01:20:51 UTC 2013

Sorry.   I'm late.


Could I request to extend the maximum validity period of Timestamp Authority

certificate to one hundred and thirty-five months? (11years and 3 months.)


Followings are the situations in Japan.


Timestamping is used for both code-signing and document-signing.


Timestamp service providers need 11 year TSA certificate to generate the

trusted time stamp for the documents those are the objects of Japanese

e-document law. In this law, several types of documents are specified to be 

able to verify over the  next 10 years after digitally signed.


So, timestamp service providers use TSA certificate to sign only for 1 year

to keep 10 years as verifiable period. They need new 11 year TSA certificate

every year.




There is the governmental accreditation system for time-stamping service in



Kind regards,

Atsushi Inaba




From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Jeremy Rowley
Sent: Thursday, October 31, 2013 1:15 AM
Subject: [cabfpub] Proposed Baseline Requirements for Code Signing


Hi everyone, 


Attached are the code signing working group's proposed baseline
requirements.  We are circulating this draft primarily for comment by the
general CAB Forum membership. After two weeks, we plan to make an update
based on feedback, and circulate the updated draft for public comments.


I look forward to your feedback.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131115/c5d53a46/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5501 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131115/c5d53a46/attachment.p7s>

More information about the Public mailing list