[Smcwg-public] Approved Minutes of SMCWG January 19, 2022

Adriano Santoni adriano.santoni at staff.aruba.it
Wed Feb 16 14:09:45 UTC 2022

As to the validity period of the Random Value, we believe it should be 
30 days as for TLS certs.


Il 15/02/2022 21:49, Stephen Davidson via Smcwg-public ha scritto:
> Dimitris Zacharopoulos questioned why the Random Value in the 
> method was required to be reset within 24 hours, noting that this 
> caused issues for users acting on messages over a weekend or a 
> vacation, or where emails are delayed in spam filters.  Corey Bonnell 
> pointed out that the equivalent text for random values in the TLS BR 
> was 30 days. Stephen indicated that it had been taken from the NIST 
> 800-63 standard.  Fotis Loukos mentioned that current best practice 
> was for a “timed out” user to generate a new random value.  It was 
> suggested that a compromise time span of a week might be found, or 
> that the timing issue might also be addressed within the TLS BR.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220216/0abd7291/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220216/0abd7291/attachment.p7s>

More information about the Smcwg-public mailing list