Hi,wouldn't it have been a little kinder to wait for an answer to the question I asked on Friday 5?
It may be that the answer was obvious, but it remains unclear to me where that 72 months comes from.....
Adriano Il 08/04/2024 09:31, Martijn Katerbarg via Cscwg-public ha scritto:
*Purpose of the Ballot*This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.7 in order to clarify language regarding Timestamp Authority Private Key Protection. The main goals of this ballot are to:1. Require newly issued Timestamp Authority Subordinate CA Private Keys to be stored in offline HSMs 2. Add a requirement to remove Private Keys associated with Timestamp Certificates after a 18 months 3. Add a requirement to reject SHA-1 timestamp requestsThe following motion has been proposed by Martijn Katerbarg of Sectigo and endorsed by Bruce Morton of Entrust and Ian McMillan of Microsoft.*MOTION BEGINS*This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates” ("Code Signing Baseline Requirements") based on version 3.7. MODIFY the Code Signing Baseline Requirements as specified in the following redline:https://github.com/cabforum/code-signing/compare/d431d9104094f2b89f35ed4bf1d64b9a844e762b...84e8586846a0c836d5bccbe9ef74593358c5b421*MOTION ENDS* The procedure for this ballot is as follows: Discussion (7 days) * Start Time: 2024-04-08 09:00 UTC * End Time: Not before 2024-04-15 17:00 UTC Vote for approval (7 days) * Start Time: TBD * End Time: TBD _______________________________________________ Cscwg-public mailing list Cscwg-public@cabforum.org https://lists.cabforum.org/mailman/listinfo/cscwg-public
smime.p7s
Description: Firma crittografica S/MIME
_______________________________________________ Cscwg-public mailing list Cscwg-public@cabforum.org https://lists.cabforum.org/mailman/listinfo/cscwg-public
