[cabfpub] Teleconference Agenda - CA/B Forum - 7 August 2014
Steve Roylance
steve.roylance at globalsign.com
Thu Aug 7 11:17:00 UTC 2014
Hi Ben.
I'm not sure if my mail made it through yesterday, but I wanted 5 minutes to
look at amending the EV Code Signing guidelines.
I'm happy to discuss as part of the Code Signing Baseline Requirements
Discussion in the agenda, however they don't have the same issue.
Here's the issue for people to think about up front.
Generally,
* Best practice is to have a Timestamp certificate valid for > 10
years at the point of use. - x
* Best practice is to cycle the certificate at least once per year -
y
* Best practice is to allow 3 months for overlaps in process - z
Therefore certificates need to be x+y+z as a maximum.
EV guidelines suggests it's only x+z so we have issues in using for Japanese
based EV code signing for government use.
The new Code Signing Baseline Requirements suggest best practice for y and z
(unless I missed the reference to x)
Can we all agree this is OK and therefore make an amendment to fix the EV
guidelines?
Inaba-san highlighted last year in response to the Baseline Requirements but
it dropped into a hole as far as EV was concerned so I want to clear that
issue. (See his request)
I only need 2 minutes now I guess ;-)
Steve
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Ben Wilson
Sent: 07 August 2014 01:20
To: CABFPub
Subject: [cabfpub] Teleconference Agenda - CA/B Forum - 7 August 2014
Time
Start
Stop
Slot
Description
Notes / Presenters
(Thur) 7 August 2014
0:01
16:00
16:01
1
Read Antitrust Statement
0:02
16:01
16:03
2
Roll Call
0:02
16:03
16:05
3
Review Agenda
0:03
16:05
16:08
4
Approve Minutes of 24 July 2014
Distributed to management list on 24 July and 6 August
0:05
16:08
16:13
5
Ballot review
None pending; review status of Ballot 125 on CAA
0:20
16:13
16:33
6
Code Signing Baseline Requirements Discussion
Certificate Validity Periods; Wrap-up of Other Questions; and Public Review
and Comment Period
0:05
16:33
16:38
7
Working Group Updates
EV and Policy Review Working Groups
0:05
16:38
16:43
8
Review Beijing Meeting Logistics
Hotel arrangements and agenda planning
0:05
16:43
16:48
9
Any Other Business
0:01
16:48
16:49
10
Next phone call -- Thurs. Aug. 21st
0:00
16:49
16:49
11
Adjourn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140807/05476b2e/attachment-0003.html>
-------------- next part --------------
An embedded message was scrubbed...
From: "Atsushi Inaba" <atsushi.inaba at globalsign.co.jp>
Subject: Re: [cabfpub] Proposed Baseline Requirements for Code Signing Certificates
Date: Fri, 15 Nov 2013 02:20:51 +0100
Size: 21162
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140807/05476b2e/attachment-0003.mht>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4256 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140807/05476b2e/attachment-0001.p7s>
More information about the Public
mailing list