[Smcwg-public] Approved Minutes of SMCWG January 19, 2022
Adriano Santoni
adriano.santoni at staff.aruba.it
Wed Feb 16 14:09:45 UTC 2022
As to the validity period of the Random Value, we believe it should be
30 days as for TLS certs.
Adriano
Il 15/02/2022 21:49, Stephen Davidson via Smcwg-public ha scritto:
>
> Dimitris Zacharopoulos questioned why the Random Value in the 3.2.2.2
> method was required to be reset within 24 hours, noting that this
> caused issues for users acting on messages over a weekend or a
> vacation, or where emails are delayed in spam filters. Corey Bonnell
> pointed out that the equivalent text for random values in the TLS BR
> was 30 days. Stephen indicated that it had been taken from the NIST
> 800-63 standard. Fotis Loukos mentioned that current best practice
> was for a “timed out” user to generate a new random value. It was
> suggested that a compromise time span of a week might be found, or
> that the timing issue might also be addressed within the TLS BR.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220216/0abd7291/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220216/0abd7291/attachment.p7s>
More information about the Smcwg-public
mailing list