Re: [cabfpub] Voting Period Begins | Ballot FORUM-021: Form Definitions and Glossary WG

2024-04-08 Thread Mads Egil Henriksveen via Public 
Buypass votes YES on ballot FORUM-021.

Regards
Mads

From: Public  On Behalf Of Clint Wilson via Public
Sent: Thursday, April 4, 2024 5:03 PM
To: CA/Browser Forum Public Discussion List 
Subject: [cabfpub] Voting Period Begins | Ballot FORUM-021: Form Definitions 
and Glossary WG

Ballot FORUM-021

Proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert and 
Tim Callan of Sectigo.

Purpose of Ballot

The CA/Browser Forum publishes Final Guidelines representing technical 
requirements about nuanced and challenging PKI implementations. It is proposed 
that the establishment of a Definitions and Glossary Working Group will assist 
the Forum as a whole, and its individual Chartered Working Groups, in the 
following ways:

1. Clarity and Consistency: Standardizing the definitions of terms will help 
Members and other interested parties have a clearer understanding of the 
terminology being used. This should reduce ambiguity and confusion, while 
increasing consistency in interpretation and use across Working Groups and 
Final Guidelines.
2. Effective Communication: A Glossary enables more effective communication 
among Members, as well as with external stakeholders such as industry partners, 
regulatory bodies, and other standardization organizations. It helps to ensure 
that everyone involved in the process is speaking the same language and, as 
such, may have a positive impact beyond the Forum alone.
3. Quality: By establishing a Glossary, the Forum can focus efforts on 
enhancing the quality and accuracy of the language used in published 
Guidelines. The availability of consistent, high-quality terminology reduces 
the risk of misunderstandings, errors, and misinterpretations that could 
undermine the effectiveness of the Forum.
4. Accessibility and Learning: For new Members or observers of the Forum, 
having a centralized Glossary provides a valuable resource for learning the 
specialized terminology used here. As with Guidelines in general, a focused 
Glossary can reduce the learning curve associated with understanding, 
implementing, and complying with complex baseline requirements documents.
5. Cross-referencing and Interoperability: A well-defined Glossary facilitates 
cross-referencing between Guidelines and promotes interoperability between the 
Forum's Chartered Working Groups as well as external systems, products, 
processes, and people that rely on mutual understanding of shared terminology.
6. Feedback and Iterative Improvement: Building and maintaining a Glossary 
provides a framework for soliciting and receiving feedback from industry 
stakeholders and continuously improving the clarity and accuracy of the 
definitions over time. As new terms emerge or existing definitions evolve, the 
Glossary can be updated, ensuring that the Forum remains current and responsive 
to industry changes.

Following the passage of this ballot:


  *   A new Definitions and Glossary Chartered Working Group will be formed 
under the CA/Browser Forum, as outlined in section 5.3.1 of the Bylaws;
  *   A Mailing list(s), GitHub repository(ies), and Wiki resource(s) will be 
established as needed to enable the D WG to fulfill its charter;
  *   The D WG will collaborate with other CWGs in the Forum as stipulated in 
the charter found below; and
  *   The D WG will produce and maintain a Glossary document.

MOTION BEGINS

Establish Definitions and Glossary Working Group

Upon approval from the CA/Browser Forum by ballot in accordance with section 
5.3 of the Forum Bylaws, the Definitions and Glossary Working Group ("DGWG") is 
created to perform the activities as specified in the Charter as found here: 
https://github.com/cabforum/forum/compare/9805b6976e7a7ac391048d4eadb4379aa956110b...2b2b081a224031050aedf9404d9ce50344a468e8

MOTION ENDS

The procedure for approval of this ballot is as follows:

Discussion (7+ days)

Start Time: 2024-Mar-21 15:00 UTC
End Time: 2024-April-4 14:59 UTC

Vote for approval (7 days)

Start Time: 2024-April-4 15:00 UTC
End Time: 2024-April-11 15:00 UTC
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [Smcwg-public] Voting period begins for Ballot SMC06: Post implementation clarification and corrections

2024-04-08 Thread chtsai 
TWCA votes YES on SMC-06.


Chya-Hung Tsai

From: Smcwg-public  On Behalf Of Stephen 
Davidson via Smcwg-public
Sent: Friday, April 5, 2024 12:15 AM
To: smcwg-public@cabforum.org
Subject: [Smcwg-public] Voting period begins for Ballot SMC06: Post 
implementation clarification and corrections


Ballot SMC06: Post implementation clarification and corrections



Purpose of Ballot:



The ballot proposes changes to the S/MIME Baseline Requirements to provide 
clarifications and corrections arising from the implementation of the S/MIME BR 
and initial audits.



The following motion has been proposed by Stephen Davidson of DigiCert and 
endorsed by Martijn Katerbarg of Sectigo and Roman Fischer of SwissSign.



— MOTION BEGINS —



This ballot modifies the “Baseline Requirements for the Issuance and Management 
of Publicly-Trusted S/MIME Certificates” (“S/MIME Baseline Requirements”) 
resulting in Version 1.0.4.



The proposed modifications to the S/MIME Baseline Requirements may be found at 
https://github.com/srdavidson/smime/compare/ed36440d7c967732aa08739b14cc29bed257a67d...246fab8b8880aa62cec95b6d055b872173d4dadf



The SMCWG Chair or Vice-Chair is permitted to update the Relevant Dates and 
Version Number of the S/MIME Baseline Requirements to reflect final dates.



— MOTION ENDS —



This ballot proposes a Final Maintenance Guideline. The procedure for approval 
of this ballot is as follows:



Discussion (9 days)

Start Time: Tuesday March 26, 2024 17:00 UTC

End Time: Thursday April 4, 2024 17:00 UTC


Vote for approval (7 days)

Start Time: Thursday April 4, 2024 18:00 UTC

End Time: Thursday April 11, 2024 18:00 UTC


IPR Review (30 days)

___
Smcwg-public mailing list
Smcwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/smcwg-public

Re: [cabfpub] Voting Period Begins | Ballot FORUM-021: Form Definitions and Glossary WG

2024-04-08 Thread Clint Wilson via Public 
Apple votes YES on Ballot FORUM-021

> On Apr 4, 2024, at 8:03 AM, Clint Wilson via Public  
> wrote:
> 
> Ballot FORUM-021
> 
> Proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert 
> and Tim Callan of Sectigo.
> 
> Purpose of Ballot
> 
> The CA/Browser Forum publishes Final Guidelines representing technical 
> requirements about nuanced and challenging PKI implementations. It is 
> proposed that the establishment of a Definitions and Glossary Working Group 
> will assist the Forum as a whole, and its individual Chartered Working 
> Groups, in the following ways:
> 
> 1. Clarity and Consistency: Standardizing the definitions of terms will help 
> Members and other interested parties have a clearer understanding of the 
> terminology being used. This should reduce ambiguity and confusion, while 
> increasing consistency in interpretation and use across Working Groups and 
> Final Guidelines.
> 2. Effective Communication: A Glossary enables more effective communication 
> among Members, as well as with external stakeholders such as industry 
> partners, regulatory bodies, and other standardization organizations. It 
> helps to ensure that everyone involved in the process is speaking the same 
> language and, as such, may have a positive impact beyond the Forum alone.
> 3. Quality: By establishing a Glossary, the Forum can focus efforts on 
> enhancing the quality and accuracy of the language used in published 
> Guidelines. The availability of consistent, high-quality terminology reduces 
> the risk of misunderstandings, errors, and misinterpretations that could 
> undermine the effectiveness of the Forum.
> 4. Accessibility and Learning: For new Members or observers of the Forum, 
> having a centralized Glossary provides a valuable resource for learning the 
> specialized terminology used here. As with Guidelines in general, a focused 
> Glossary can reduce the learning curve associated with understanding, 
> implementing, and complying with complex baseline requirements documents.
> 5. Cross-referencing and Interoperability: A well-defined Glossary 
> facilitates cross-referencing between Guidelines and promotes 
> interoperability between the Forum’s Chartered Working Groups as well as 
> external systems, products, processes, and people that rely on mutual 
> understanding of shared terminology. 
> 6. Feedback and Iterative Improvement: Building and maintaining a Glossary 
> provides a framework for soliciting and receiving feedback from industry 
> stakeholders and continuously improving the clarity and accuracy of the 
> definitions over time. As new terms emerge or existing definitions evolve, 
> the Glossary can be updated, ensuring that the Forum remains current and 
> responsive to industry changes.
> 
> Following the passage of this ballot:
> 
> A new Definitions and Glossary Chartered Working Group will be formed under 
> the CA/Browser Forum, as outlined in section 5.3.1 of the Bylaws;
> A Mailing list(s), GitHub repository(ies), and Wiki resource(s) will be 
> established as needed to enable the D WG to fulfill its charter;
> The D WG will collaborate with other CWGs in the Forum as stipulated in the 
> charter found below; and
> The D WG will produce and maintain a Glossary document.
> 
> MOTION BEGINS
> 
> Establish Definitions and Glossary Working Group
> 
> Upon approval from the CA/Browser Forum by ballot in accordance with section 
> 5.3 of the Forum Bylaws, the Definitions and Glossary Working Group (“DGWG”) 
> is created to perform the activities as specified in the Charter as found 
> here: 
> https://github.com/cabforum/forum/compare/9805b6976e7a7ac391048d4eadb4379aa956110b...2b2b081a224031050aedf9404d9ce50344a468e8
> 
> MOTION ENDS
> 
> The procedure for approval of this ballot is as follows:
> 
> Discussion (7+ days)
> 
> Start Time: 2024-Mar-21 15:00 UTC
> End Time: 2024-April-4 14:59 UTC
> 
> Vote for approval (7 days)
> 
> Start Time: 2024-April-4 15:00 UTC
> End Time: 2024-April-11 15:00 UTC
> ___
> Public mailing list
> Public@cabforum.org
> https://lists.cabforum.org/mailman/listinfo/public



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]-Re: Voting Period Begins | Ballot FORUM-021: Form Definitions and Glossary WG

2024-04-08 Thread Pedro FUENTES via Public 
OISTE votes Yes on Ballot FORUM-021

> 
> On Thu, Apr 4, 2024 at 11:03 AM Clint Wilson via Public  > wrote:
>> Ballot FORUM-021
>> 
>> Proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert 
>> and Tim Callan of Sectigo.
>> 
>> Purpose of Ballot
>> 
>> The CA/Browser Forum publishes Final Guidelines representing technical 
>> requirements about nuanced and challenging PKI implementations. It is 
>> proposed that the establishment of a Definitions and Glossary Working Group 
>> will assist the Forum as a whole, and its individual Chartered Working 
>> Groups, in the following ways:
>> 
>> 1. Clarity and Consistency: Standardizing the definitions of terms will help 
>> Members and other interested parties have a clearer understanding of the 
>> terminology being used. This should reduce ambiguity and confusion, while 
>> increasing consistency in interpretation and use across Working Groups and 
>> Final Guidelines.
>> 2. Effective Communication: A Glossary enables more effective communication 
>> among Members, as well as with external stakeholders such as industry 
>> partners, regulatory bodies, and other standardization organizations. It 
>> helps to ensure that everyone involved in the process is speaking the same 
>> language and, as such, may have a positive impact beyond the Forum alone.
>> 3. Quality: By establishing a Glossary, the Forum can focus efforts on 
>> enhancing the quality and accuracy of the language used in published 
>> Guidelines. The availability of consistent, high-quality terminology reduces 
>> the risk of misunderstandings, errors, and misinterpretations that could 
>> undermine the effectiveness of the Forum.
>> 4. Accessibility and Learning: For new Members or observers of the Forum, 
>> having a centralized Glossary provides a valuable resource for learning the 
>> specialized terminology used here. As with Guidelines in general, a focused 
>> Glossary can reduce the learning curve associated with understanding, 
>> implementing, and complying with complex baseline requirements documents.
>> 5. Cross-referencing and Interoperability: A well-defined Glossary 
>> facilitates cross-referencing between Guidelines and promotes 
>> interoperability between the Forum’s Chartered Working Groups as well as 
>> external systems, products, processes, and people that rely on mutual 
>> understanding of shared terminology. 
>> 6. Feedback and Iterative Improvement: Building and maintaining a Glossary 
>> provides a framework for soliciting and receiving feedback from industry 
>> stakeholders and continuously improving the clarity and accuracy of the 
>> definitions over time. As new terms emerge or existing definitions evolve, 
>> the Glossary can be updated, ensuring that the Forum remains current and 
>> responsive to industry changes.
>> 
>> Following the passage of this ballot:
>> 
>> A new Definitions and Glossary Chartered Working Group will be formed under 
>> the CA/Browser Forum, as outlined in section 5.3.1 of the Bylaws;
>> A Mailing list(s), GitHub repository(ies), and Wiki resource(s) will be 
>> established as needed to enable the D WG to fulfill its charter;
>> The D WG will collaborate with other CWGs in the Forum as stipulated in 
>> the charter found below; and
>> The D WG will produce and maintain a Glossary document.
>> 
>> MOTION BEGINS
>> 
>> Establish Definitions and Glossary Working Group
>> 
>> Upon approval from the CA/Browser Forum by ballot in accordance with section 
>> 5.3 of the Forum Bylaws, the Definitions and Glossary Working Group (“DGWG”) 
>> is created to perform the activities as specified in the Charter as found 
>> here: 
>> https://github.com/cabforum/forum/compare/9805b6976e7a7ac391048d4eadb4379aa956110b...2b2b081a224031050aedf9404d9ce50344a468e8
>>  
>> 
>> 
>> MOTION ENDS
>> 
>> The procedure for approval of this ballot is as follows:
>> 
>> Discussion (7+ days)
>> 
>> Start Time: 2024-Mar-21 15:00 UTC
>> End Time: 2024-April-4 14:59 UTC
>> 
>> Vote for approval (7 days)
>> 
>> Start Time: 2024-April-4 15:00 UTC
>> End Time: 2024-April-11 15:00 UTC
>> ___
>> Public mailing list
>> Public@cabforum.org 
>> https://lists.cabforum.org/mailman/listinfo/public 
>>

Re: [cabfpub] Voting Period Begins | Ballot FORUM-021: Form Definitions and Glossary WG

2024-04-08 Thread Chris Clements via Public 
Google votes Yes on Ballot FORUM-021.

On Thu, Apr 4, 2024 at 11:03 AM Clint Wilson via Public 
wrote:

> *Ballot FORUM-021*
>
> Proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of
> DigiCert and Tim Callan of Sectigo.
>
> *Purpose of Ballot*
>
> The CA/Browser Forum publishes Final Guidelines representing technical
> requirements about nuanced and challenging PKI implementations. It is
> proposed that the establishment of a Definitions and Glossary Working Group
> will assist the Forum as a whole, and its individual Chartered Working
> Groups, in the following ways:
>
> 1. *Clarity and Consistency*: Standardizing the definitions of terms will
> help Members and other interested parties have a clearer understanding of
> the terminology being used. This should reduce ambiguity and confusion,
> while increasing consistency in interpretation and use across Working
> Groups and Final Guidelines.
> 2. *Effective Communication*: A Glossary enables more effective
> communication among Members, as well as with external stakeholders such as
> industry partners, regulatory bodies, and other standardization
> organizations. It helps to ensure that everyone involved in the process is
> speaking the same language and, as such, may have a positive impact beyond
> the Forum alone.
> 3. *Quality*: By establishing a Glossary, the Forum can focus efforts on
> enhancing the quality and accuracy of the language used in published
> Guidelines. The availability of consistent, high-quality terminology
> reduces the risk of misunderstandings, errors, and misinterpretations that
> could undermine the effectiveness of the Forum.
> 4. *Accessibility and Learning*: For new Members or observers of the
> Forum, having a centralized Glossary provides a valuable resource for
> learning the specialized terminology used here. As with Guidelines in
> general, a focused Glossary can reduce the learning curve associated with
> understanding, implementing, and complying with complex baseline
> requirements documents.
> 5. *Cross-referencing and Interoperability*: A well-defined Glossary
> facilitates cross-referencing between Guidelines and promotes
> interoperability between the Forum’s Chartered Working Groups as well as
> external systems, products, processes, and people that rely on mutual
> understanding of shared terminology.
> 6. *Feedback and Iterative Improvement*: Building and maintaining a
> Glossary provides a framework for soliciting and receiving feedback from
> industry stakeholders and continuously improving the clarity and accuracy
> of the definitions over time. As new terms emerge or existing definitions
> evolve, the Glossary can be updated, ensuring that the Forum remains
> current and responsive to industry changes.
>
> *Following the passage of this ballot:*
>
>
>- A new Definitions and Glossary Chartered Working Group will be
>formed under the CA/Browser Forum, as outlined in section 5.3.1 of the
>Bylaws;
>- A Mailing list(s), GitHub repository(ies), and Wiki resource(s) will
>be established as needed to enable the D WG to fulfill its charter;
>- The D WG will collaborate with other CWGs in the Forum as
>stipulated in the charter found below; and
>- The D WG will produce and maintain a Glossary document.
>
>
> *MOTION BEGINS*
>
> *Establish Definitions and Glossary Working Group*
>
> Upon approval from the CA/Browser Forum by ballot in accordance with
> section 5.3 of the Forum Bylaws, the Definitions and Glossary Working Group
> (“DGWG”) is created to perform the activities as specified in the Charter
> as found here:
> https://github.com/cabforum/forum/compare/9805b6976e7a7ac391048d4eadb4379aa956110b...2b2b081a224031050aedf9404d9ce50344a468e8
>
> *MOTION ENDS*
>
> *The procedure for approval of this ballot is as follows:*
>
> *Discussion* (7+ days)
>
> *Start Time*: 2024-Mar-21 15:00 UTC
> *End Time*: 2024-April-4 14:59 UTC
>
> *Vote for approval* (7 days)
>
> Start Time: 2024-April-4 15:00 UTC
> End Time: 2024-April-11 15:00 UTC
> ___
> Public mailing list
> Public@cabforum.org
> https://lists.cabforum.org/mailman/listinfo/public
>
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [Smcwg-public] Ballot SMC06v2: Post implementation clarification and corrections

2024-04-08 Thread Marco Schambach via Smcwg-public 
IdenTrust votes "yes" on Ballot SMC-06v2.

Regards,

 

 

Od: Smcwg-public mailto:smcwg-public-boun...@cabforum.org> > w imieniu użytkownika Stephen 
Davidson via Smcwg-public mailto:smcwg-public@cabforum.org> >
Wysłane: czwartek, 4 kwietnia 2024 20:15
Do: smcwg-public@cabforum.org   
mailto:smcwg-public@cabforum.org> >
Temat: *** Uwaga! Mozliwy SPAM / PHISHING *** [Smcwg-public] Ballot SMC06v2: 
Post implementation clarification and corrections

 

Ballot SMC06: Post implementation clarification and corrections

 

Purpose of Ballot:

 

The ballot proposes changes to the S/MIME Baseline Requirements to provide 
clarifications and corrections arising from the implementation of the S/MIME BR 
and initial audits.

 

The following motion has been proposed by Stephen Davidson of DigiCert and 
endorsed by Martijn Katerbarg of Sectigo and Roman Fischer of SwissSign.

 

— MOTION BEGINS —

 

This ballot modifies the “Baseline Requirements for the Issuance and Management 
of Publicly-Trusted S/MIME Certificates” (“S/MIME Baseline Requirements”) 
resulting in Version 1.0.4.

 

The proposed modifications to the S/MIME Baseline Requirements may be found at 
https://github.com/srdavidson/smime/compare/ed36440d7c967732aa08739b14cc29bed257a67d...246fab8b8880aa62cec95b6d055b872173d4dadf
 

 

 

The SMCWG Chair or Vice-Chair is permitted to update the Relevant Dates and 
Version Number of the S/MIME Baseline Requirements to reflect final dates.

 

— MOTION ENDS —

 

This ballot proposes a Final Maintenance Guideline. The procedure for approval 
of this ballot is as follows:

 

Discussion (9 days)

Start Time: Tuesday March 26, 2024 17:00 UTC

End Time: Thursday April 4, 2024 17:00 UTC

 

Vote for approval (7 days)

Start Time: Thursday April 4, 2024 17:00 UTC

End Time: Thursday April 11, 2024 17:00 UTC

 

IPR Review (30 days)

 

___
Smcwg-public mailing list
Smcwg-public@cabforum.org  
https://lists.cabforum.org/mailman/listinfo/smcwg-public



smime.p7s
Description: S/MIME cryptographic signature
___
Smcwg-public mailing list
Smcwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/smcwg-public

[cabfpub] Final Minutes of CA/Browser Forum Meeting March 14, 2024

2024-04-08 Thread Dimitris Zacharopoulos (HARICA) via Public 

*

These are the Final Minutes of the Teleconference described in the 
subject of this message.


CA/Browser Forum Teleconference – 14 March 2024

Attendees: Aaron Poulsen - (Amazon), Adam Jones - (Microsoft), Adrian 
Mueller - (SwissSign), Antti Backman - (Telia Company), Brianca Martin - 
(Amazon), Bruce Morton - (Entrust), Chris Clements - (Google), Clint 
Wilson - (Apple), Corey Rasmussen - (OATI), David Kluge - (Google), Dean 
Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Dong Wha Shin - 
(MOIS (Ministry of Interior and Safety) of the republic of Korea), Doug 
Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew 
- (D-TRUST), Fumi Yoneda - (Japan Registry Services), Gregory Tomko - 
(GlobalSign), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), 
Johnny Reading - (GoDaddy), Jos Purvis - (Fastly), Jozef Nigut - 
(Disig), Karina Sirota - (Microsoft), Mads Henriksveen - (Buypass AS), 
Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Martijn Katerbarg 
- (Sectigo), Michelle Coon - (OATI), Nargis Mannan - (VikingCloud), 
Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven 
- (Entrust), Pedro Fuentes - (OISTE Foundation), Rebecca Kelley - 
(Apple), Rich Kapushinski - (CommScope), RIch Smith - (DigiCert), Rollin 
Yu - (TrustAsia), Sandy Balzer - (SwissSign), Stephen Davidson - 
(DigiCert), Tobias Josefowitz - (Opera Software AS), Trevoli Ponds-White 
- (Amazon), Tsung-Min Kuo - (Chunghwa Telecom), Wayne Thayer - (Fastly), 
Wendy Brown - (US Federal PKI Management Authority), Yoshihiko Matsuo - 
(Japan Registry Services)


1.  Roll Call

Dimitris Zacharopoulos read the roll.

2. Read Note-well

Dimitris determined that it was not necessary to repeat the note-well 
statement.


3. Review Agenda

No updates were suggested

4. Approval of Minutes from Last Teleconference

There were no minutes to approve

5. Server Certificate Working Group Update

Dimitris asked if we need this agenda item given that the SCWG call just 
happened? Inigo Barreira said that we can cover the Validation subcommittee.



Wayne Thayer said that the following topics were discussed at last 
week’s Validation Subcommittee meeting:



 *

   Chris Clements said that he will soon begin discussion on the MPIC
   ballot. He expects there to be an extended period of discussion.
   Meanwhile, comments on the PR are encouraged

 *

   It was noted that Michael Slaughter continues work on a ballot to
   modify 3.2.2.4.7 to allow CNAME delegation to the CA

 *

   Corey Bonnell presented a slide deck titled Identifying Delegated
   Third Parties in the context of domain validation. The presentation
   ended with a proposed process for clarifying the BRs that the
   subcommittee agreed to follow in upcoming meetings after
   prioritizing domain validation methods to evaluate.

 *

   Wayne described the proposal to add a new validation method
   supporting the proposed ACME dns-account-01 challenge defined in
   draft-ietf-acme-scoped-dns-challenges-00. Next step is to evaluate
   the stability of the draft based on feedback received at the
   upcoming IETF meeting.


Dimitris asked if the draft RFC is stable? Wayne said that it is roughly 
the 3rd version but it has significant changed to align with similar 
work happening in another IETF working group.


6. Code Signing Working Group Update

Bruce Morton said that the WG didn’t meet last week. At the F2F, we 
discussed certificate transparency for code signing. reducing validity 
period to 15 months from 39, a ballot to import EV requirements into the 
CSBRs, and time stamping requirements. Dimitris said that Microsoft also 
announced a policy change at the F2F and they are still trying to 
determine what it means to the CSBRs. Bruce said that it appears that 
the plan is to eliminate EV code signing, but we’re also working on 
simplifying EV, so the goal is not clear.



7. S/MIME Working Group Update

Steven Davidson said that a corrections & clarifications ballot will go 
to a vote soon, based on learnings from the first round of audits. Next 
up is potential deprecation of legacy profiles. This requires developing 
a better understanding of blockers to implementation of the stricter 
profiles.



8. Forum Infrastructure Subcommittee Update


Jos Purvis said that we reviewed the new GitHub project that will be 
used for issues and a place to ask questions. Reviewed email 
infrastructure and are working on mailman upgrades. Martijn also 
volunteered to look at Google Groups as another option. Martijn is also 
working on a feature to automatically send out meeting minutes.



Trevoli Ponds-White said that Google Groups is a good idea. Do we need 
to discuss it? Jos said yes, if it proves to be viable.



9. NetSec Working Group Update


David Kluge said that they discussed the section 4 ballot concerning 
vulnerability management. Want to make the requirements more 
comprehensive, requiring a vulnerability management program, to

Re: [Cscwg-public] [External Sender] Re: [Discussion Period Begins] CSC-24 (v2): Timestamping Private Key Protection

2024-04-08 Thread Adriano Santoni via Cscwg-public 

Hi Martijn,

I can't find (in the call minutes) a past discussion about that, however 
I assume it's fine for everyone since I haven't seen any objections.


Adriano


Il 08/04/2024 10:08, Martijn Katerbarg ha scritto:


Hi Adriano,

My apologies! It was in the past discussed about limiting timestamping 
to 72 or 75 months alltogether, then not requiring the SubCAs to be 
offline. The compromise here still allows up to 135 month timestamp 
certificates, if the SubCAs are offline.


Mind you there’s no current limit to SubCA validity periods yet, but I 
would like to limit this to in a future ballot as well


Regards,

Martijn

*From: *Adriano Santoni 
*Date: *Monday, 8 April 2024 at 09:47
*To: *cscwg-public@cabforum.org , Martijn 
Katerbarg 
*Subject: *Re: [External Sender] [Cscwg-public] [Discussion Period 
Begins] CSC-24 (v2): Timestamping Private Key Protection


Hi,

wouldn't it have been a little kinder to wait for an answer to the 
question I asked on Friday 5?


It may be that the answer was obvious, but it remains unclear to me 
where that 72 months comes from.


Adriano

Il 08/04/2024 09:31, Martijn Katerbarg via Cscwg-public ha scritto:

*Purpose of the Ballot*

This ballot updates the “Baseline Requirements for the Issuance
and Management of Publicly‐Trusted Code Signing Certificates“
version 3.7 in order to clarify language regarding Timestamp
Authority Private Key Protection. The main goals of this ballot
are to:

 1. Require newly issued Timestamp Authority Subordinate CA
Private Keys to be stored in offline HSMs
 2. Add a requirement to remove Private Keys associated with
Timestamp Certificates after a 18 months
 3. Add a requirement to reject SHA-1 timestamp requests

The following motion has been proposed by Martijn Katerbarg of
Sectigo and endorsed by Bruce Morton of Entrust and Ian McMillan
of Microsoft.

*MOTION BEGINS*

This ballot updates the “Baseline Requirements for the Issuance
and Management of Publicly‐Trusted Code Signing Certificates”
("Code Signing Baseline Requirements") based on version 3.7.
MODIFY the Code Signing Baseline Requirements as specified in the
following

redline:https://github.com/cabforum/code-signing/compare/d431d9104094f2b89f35ed4bf1d64b9a844e762b...84e8586846a0c836d5bccbe9ef74593358c5b421

*MOTION ENDS*

The procedure for this ballot is as follows:

Discussion (7 days)

 1. Start Time: 2024-04-08 09:00 UTC
 2. End Time: Not before 2024-04-15 17:00 UTC

Vote for approval (7 days)

 1. Start Time: TBD
 2. End Time: TBD



___

Cscwg-public mailing list

Cscwg-public@cabforum.org

https://lists.cabforum.org/mailman/listinfo/cscwg-public



smime.p7s
Description: Firma crittografica S/MIME
___
Cscwg-public mailing list
Cscwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/cscwg-public

Re: [Cscwg-public] [External Sender] [Discussion Period Begins] CSC-24 (v2): Timestamping Private Key Protection

2024-04-08 Thread Martijn Katerbarg via Cscwg-public 
Hi Adriano,

My apologies! It was in the past discussed about limiting timestamping to 72 or 
75 months alltogether, then not requiring the SubCAs to be offline. The 
compromise here still allows up to 135 month timestamp certificates, if the 
SubCAs are offline. 

Mind you there’s no current limit to SubCA validity periods yet, but I would 
like to limit this to in a future ballot as well 

Regards,

Martijn 

From: Adriano Santoni 
Date: Monday, 8 April 2024 at 09:47
To: cscwg-public@cabforum.org , Martijn Katerbarg 

Subject: Re: [External Sender] [Cscwg-public] [Discussion Period Begins] CSC-24 
(v2): Timestamping Private Key Protection 

Hi, 
wouldn't it have been a little kinder to wait for an answer to the question I 
asked on Friday 5? 
It may be that the answer was obvious, but it remains unclear to me where that 
72 months comes from. 
Adriano 

Il 08/04/2024 09:31, Martijn Katerbarg via Cscwg-public ha scritto: 

Purpose of the Ballot 
This ballot updates the “Baseline Requirements for the Issuance and Management 
of Publicly‐Trusted Code Signing Certificates“ version 3.7 in order to clarify 
language regarding Timestamp Authority Private Key Protection. The main goals 
of this ballot are to: 

1. Require newly issued Timestamp Authority Subordinate CA Private Keys to be 
stored in offline HSMs 
2. Add a requirement to remove Private Keys associated with Timestamp 
Certificates after a 18 months 
3. Add a requirement to reject SHA-1 timestamp requests 
The following motion has been proposed by Martijn Katerbarg of Sectigo and 
endorsed by Bruce Morton of Entrust and Ian McMillan of Microsoft. 
MOTION BEGINS 
This ballot updates the “Baseline Requirements for the Issuance and Management 
of Publicly‐Trusted Code Signing Certificates” ("Code Signing Baseline 
Requirements") based on version 3.7. MODIFY the Code Signing Baseline 
Requirements as specified in the following redline: 
https://github.com/cabforum/code-signing/compare/d431d9104094f2b89f35ed4bf1d64b9a844e762b...84e8586846a0c836d5bccbe9ef74593358c5b421
 

 
MOTION ENDS 
The procedure for this ballot is as follows: 
Discussion (7 days) 

1. Start Time: 2024-04-08 09:00 UTC 
2. End Time: Not before 2024-04-15 17:00 UTC 
Vote for approval (7 days) 

1. Start Time: TBD 
2. End Time: TBD 





___ Cscwg-public mailing list 
Cscwg-public@cabforum.org  
https://lists.cabforum.org/mailman/listinfo/cscwg-public 
 




smime.p7s
Description: S/MIME cryptographic signature
___
Cscwg-public mailing list
Cscwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/cscwg-public

Re: [Cscwg-public] [External Sender] [Discussion Period Begins] CSC-24 (v2): Timestamping Private Key Protection

2024-04-08 Thread Adriano Santoni via Cscwg-public 

Hi,

wouldn't it have been a little kinder to wait for an answer to the 
question I asked on Friday 5?


It may be that the answer was obvious, but it remains unclear to me 
where that 72 months comes from.


Adriano


Il 08/04/2024 09:31, Martijn Katerbarg via Cscwg-public ha scritto:


*Purpose of the Ballot*

This ballot updates the “Baseline Requirements for the Issuance and 
Management of Publicly‐Trusted Code Signing Certificates“ version 3.7 
in order to clarify language regarding Timestamp Authority Private Key 
Protection. The main goals of this ballot are to:


 1. Require newly issued Timestamp Authority Subordinate CA Private
Keys to be stored in offline HSMs
 2. Add a requirement to remove Private Keys associated with Timestamp
Certificates after a 18 months
 3. Add a requirement to reject SHA-1 timestamp requests

The following motion has been proposed by Martijn Katerbarg of Sectigo 
and endorsed by Bruce Morton of Entrust and Ian McMillan of Microsoft.


*MOTION BEGINS*

This ballot updates the “Baseline Requirements for the Issuance and 
Management of Publicly‐Trusted Code Signing Certificates” ("Code 
Signing Baseline Requirements") based on version 3.7. MODIFY the Code 
Signing Baseline Requirements as specified in the following 
redline:https://github.com/cabforum/code-signing/compare/d431d9104094f2b89f35ed4bf1d64b9a844e762b...84e8586846a0c836d5bccbe9ef74593358c5b421


*MOTION ENDS*

The procedure for this ballot is as follows:

Discussion (7 days)

  * Start Time: 2024-04-08 09:00 UTC
  * End Time: Not before 2024-04-15 17:00 UTC

Vote for approval (7 days)

  * Start Time: TBD
  * End Time: TBD


___
Cscwg-public mailing list
Cscwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/cscwg-public


smime.p7s
Description: Firma crittografica S/MIME
___
Cscwg-public mailing list
Cscwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/cscwg-public

[Cscwg-public] [Discussion Period Begins] CSC-24 (v2): Timestamping Private Key Protection

2024-04-08 Thread Martijn Katerbarg via Cscwg-public 
Purpose of the Ballot 
This ballot updates the “Baseline Requirements for the Issuance and Management 
of Publicly‐Trusted Code Signing Certificates“ version 3.7 in order to clarify 
language regarding Timestamp Authority Private Key Protection. The main goals 
of this ballot are to: 

1. Require newly issued Timestamp Authority Subordinate CA Private Keys to be 
stored in offline HSMs 
2. Add a requirement to remove Private Keys associated with Timestamp 
Certificates after a 18 months 
3. Add a requirement to reject SHA-1 timestamp requests 
The following motion has been proposed by Martijn Katerbarg of Sectigo and 
endorsed by Bruce Morton of Entrust and Ian McMillan of Microsoft. 
MOTION BEGINS 
This ballot updates the “Baseline Requirements for the Issuance and Management 
of Publicly‐Trusted Code Signing Certificates” ("Code Signing Baseline 
Requirements") based on version 3.7. MODIFY the Code Signing Baseline 
Requirements as specified in the following redline: 
https://github.com/cabforum/code-signing/compare/d431d9104094f2b89f35ed4bf1d64b9a844e762b...84e8586846a0c836d5bccbe9ef74593358c5b421
 

 
MOTION ENDS 
The procedure for this ballot is as follows: 
Discussion (7 days) 

* Start Time: 2024-04-08 09:00 UTC 
* End Time: Not before 2024-04-15 17:00 UTC 
Vote for approval (7 days) 

* Start Time: TBD 
* End Time: TBD 





smime.p7s
Description: S/MIME cryptographic signature
___
Cscwg-public mailing list
Cscwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/cscwg-public

Re: [Smcwg-public] [External Sender] Ballot SMC06v2: Post implementation clarification and corrections

2024-04-08 Thread Pedro FUENTES via Smcwg-public 
OISTE votes Yes to SMC06

> 
> 
>> 
>> Ballot SMC06: Post implementation clarification and corrections
>>  
>> Purpose of Ballot:
>>  
>> The ballot proposes changes to the S/MIME Baseline Requirements to provide 
>> clarifications and corrections arising from the implementation of the S/MIME 
>> BR and initial audits.
>>  
>> The following motion has been proposed by Stephen Davidson of DigiCert and 
>> endorsed by Martijn Katerbarg of Sectigo and Roman Fischer of SwissSign.
>>  
>> — MOTION BEGINS —
>>  
>> This ballot modifies the “Baseline Requirements for the Issuance and 
>> Management of Publicly-Trusted S/MIME Certificates” (“S/MIME Baseline 
>> Requirements”) resulting in Version 1.0.4.
>>  
>> The proposed modifications to the S/MIME Baseline Requirements may be found 
>> at 
>> https://github.com/srdavidson/smime/compare/ed36440d7c967732aa08739b14cc29bed257a67d...246fab8b8880aa62cec95b6d055b872173d4dadf
>>  
>> 
>>  
>> The SMCWG Chair or Vice-Chair is permitted to update the Relevant Dates and 
>> Version Number of the S/MIME Baseline Requirements to reflect final dates.
>>  
>> — MOTION ENDS —
>>  
>> This ballot proposes a Final Maintenance Guideline. The procedure for 
>> approval of this ballot is as follows:
>>  
>> Discussion (9 days)
>> Start Time: Tuesday March 26, 2024 17:00 UTC
>> End Time: Thursday April 4, 2024 17:00 UTC
>>  
>> Vote for approval (7 days)
>> Start Time: Thursday April 4, 2024 17:00 UTC 
>> End Time: Thursday April 11, 2024 17:00 UTC
>>  
>> IPR Review (30 days)
>>  
>> 
>> 
>> ___
>> Smcwg-public mailing list
>> Smcwg-public@cabforum.org 
>> https://lists.cabforum.org/mailman/listinfo/smcwg-public
> ___
> Smcwg-public mailing list
> Smcwg-public@cabforum.org 
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.cabforum.org_mailman_listinfo_smcwg-2Dpublic=DwICAg=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM=-bX5hBm1IdRDykQ-dBR8tsFRCM4v1VXUyG7RZa2WqPY=EIXUldZ9UEaJTBjcgnvmoF4liIFpOA9153fE1aSdgmPHtHcVYmzoq6QIpIsSZLS5=_B1GvweuyL7-wdaxovNEKM9AAXPmYNmazaemX07-Ga8=


WISeKey SA
Pedro Fuentes
CSO - Trust Services Manager
Office: + 41 (0) 22 594 30 00
Mobile: + 41 (0) 791 274 790
Address: Avenue Louis-Casaï 58 | 1216 Cointrin | Switzerland
Stay connected with WISeKey 

THIS IS A TRUSTED MAIL: This message is digitally signed with a WISeKey 
identity. If you get a mail from WISeKey please check the signature to avoid 
security risks

CONFIDENTIALITY: This email and any files transmitted with it can be 
confidential and it’s intended solely for the use of the individual or entity 
to which they are addressed. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail. If you have received this email in 
error please notify the sender

DISCLAIMER: WISeKey does not warrant the accuracy or completeness of this 
message and does not accept any liability for any errors or omissions herein as 
this message has been transmitted over a public network. Internet 
communications cannot be guaranteed to be secure or error-free as information 
may be intercepted, corrupted, or contain viruses. Attachments to this e-mail 
are checked for viruses; however, we do not accept any liability for any damage 
sustained by viruses and therefore you are kindly requested to check for 
viruses upon receipt.



smime.p7s
Description: S/MIME cryptographic signature
___
Smcwg-public mailing list
Smcwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/smcwg-public

Re: [Smcwg-public] [External Sender] Ballot SMC06v2: Post implementation clarification and corrections

2024-04-08 Thread Adriano Santoni via Smcwg-public 

Actalis votes YES on SMC-06.

Il 04/04/2024 20:15, Stephen Davidson via Smcwg-public ha scritto:
NOTICE: Pay attention - external email - Sender is 
0100018eaa5286ae-6c997690-71be-4c0d-9fe8-08b5014a3f05-000...@amazonses.com 





*Ballot SMC06: Post implementation clarification and corrections*

**

*Purpose of Ballot:*

The ballot proposes changes to the S/MIME Baseline Requirements to 
provide clarifications and corrections arising from the implementation 
of the S/MIME BR and initial audits.


The following motion has been proposed by Stephen Davidson of DigiCert 
and endorsed by Martijn Katerbarg of Sectigo and Roman Fischer of 
SwissSign.


*— MOTION BEGINS —*

This ballot modifies the “Baseline Requirements for the Issuance and 
Management of Publicly-Trusted S/MIME Certificates” (“S/MIME Baseline 
Requirements”) resulting in Version 1.0.4.


The proposed modifications to the S/MIME Baseline Requirements may be 
found at 
https://github.com/srdavidson/smime/compare/ed36440d7c967732aa08739b14cc29bed257a67d...246fab8b8880aa62cec95b6d055b872173d4dadf 
 



The SMCWG Chair or Vice-Chair is permitted to update the Relevant 
Dates and Version Number of the S/MIME Baseline Requirements to 
reflect final dates.


*— MOTION ENDS —*

This ballot proposes a Final Maintenance Guideline. The procedure for 
approval of this ballot is as follows:


Discussion (9 days)

Start Time: Tuesday March 26, 2024 17:00 UTC

End Time: Thursday April 4, 2024 17:00 UTC

Vote for approval (7 days)

Start Time: Thursday April 4, 2024 17:00 UTC

End Time: Thursday April 11, 2024 17:00 UTC

IPR Review (30 days)


___
Smcwg-public mailing list
Smcwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/smcwg-public


smime.p7s
Description: Firma crittografica S/MIME
___
Smcwg-public mailing list
Smcwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/smcwg-public