Re: [Cscwg-public] Code Signing Baseline Requirements references to the EV Guidelines

On 11/3/2024 6:20 μ.μ., Dimitris Zacharopoulos (HARICA) via Cscwg-public wrote: All, I re-based the importEVG branch to the latest CSBR (3.7.0). You can see the ballot redline in https://github.com/cabforum/code-signing/pull/38. Feel free to start a review within the PR or reply

Re: [Cscwg-public] Voting Begins Ballot CSC-23: Marking the EV Code Signing Guidelines SUPERCEDED

7:28 π.μ., Dimitris Zacharopoulos (HARICA) via Cscwg-public wrote: Voting begins for ballot CSC-23. Purpose of the Ballot As agreed at the F2F#61 meeting, this is a ballot to mark the "Guidelines For The Issuance And Management Of Extended Validation Code Signing Certificates" as supe

Re: [Cscwg-public] Voting Begins Ballot CSC-23: Marking the EV Code Signing Guidelines SUPERCEDED

HARICA votes "yes" to ballot CSC-23. On 19/3/2024 7:28 π.μ., Dimitris Zacharopoulos (HARICA) via Cscwg-public wrote: Voting begins for ballot CSC-23. Purpose of the Ballot As agreed at the F2F#61 meeting, this is a ballot to mark the "Guidelines For The Issuance

[Cscwg-public] Voting Begins Ballot CSC-23: Marking the EV Code Signing Guidelines SUPERCEDED

Voting begins for ballot CSC-23. Purpose of the Ballot As agreed at the F2F#61 meeting, this is a ballot to mark the "Guidelines For The Issuance And Management Of Extended Validation Code Signing Certificates" as superceded. The following motion has been proposed by Dimitris

[Cscwg-public] Final CA/Browser Forum agenda - Thursday, March 14, 2024 approximately at 12:00 pm Eastern Time

Dear Members, Here is the draft agenda for the subject call.Wayne Thayer (Fastly)is scheduled to take minutes and Lynn Jeun (VISA)is up next. 1. Begin Recording - Roll Call 2. Read note-well 3. Review of Agenda 4. Approval of minutes from the February 15, 2024 Teleconference (minutes have

Re: [Cscwg-public] Code Signing Baseline Requirements references to the EV Guidelines

eeting. Thank you, Dimitris. On 8/1/2024 3:06 μ.μ., Dimitris Zacharopoulos (HARICA) via Cscwg-public wrote: Dear Members, Following up on the work of importing the references to the EV Guidelines and specifically the latest version (1.8.0) with the exception of the CA/B Forum organization iden

Re: [Cscwg-public] Timestamp Certificate and SubCA updates

key), including any instance of the key as part of a backup, to satisfy this requirement. Thanks, Dimitris. // As a side-note, I wonder if there’s a task for the NSWG (or Definitions WG once it’s setup) to define terms for online and offline HSMs *From: *Cscwg-public on behalf of Dimitris Zach

[Cscwg-public] Ballot CSC-23: Marking the EV Code Signing Guidelines SUPERCEDED

Purpose of the Ballot As agreed at the F2F#61 meeting, this is a ballot to mark the "Guidelines For The Issuance And Management Of Extended Validation Code Signing Certificates" as superceded. The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by

Re: [Cscwg-public] Timestamp Certificate and SubCA updates

Hi Martijn, Two suggestions submitted on GitHub. Regarding the prohibition of restoring a private key of a Timestamp Certificate, I'm not sure how universal this can be because some HSMs restore an entire slot/partition, which might contain Private Keys associated with obsolete Timestamp

Re: [Cscwg-public] Marking the EV Code Signing Guidelines OBSOLETE

eMudhra will endorse… Regards, _Scott *From: *Cscwg-public on behalf of Dimitris Zacharopoulos (HARICA) via Cscwg-public *Date: *Wednesday, 28 February 2024 at 2:46 PM *To: *cscwg-public@cabforum.org *Subject: *[Cscwg-public] Marking the EV Code Signing Guidelines OBSOLETE *CAUTION:*T

[Cscwg-public] Marking the EV Code Signing Guidelines OBSOLETE

Dear Members, As we discussed today at the F2F#61 meeting, I would like to propose a ballot to mark the "Guidelines For The Issuance And Management Of Extended Validation Code Signing Certificates" as obsolete. I suggest that we update the latest EVCS Guidelines v1.4

Re: [Cscwg-public] Code Signing Baseline Requirements references to the EV Guidelines

version and resolve any conflicts that may be caused by the last 2 ballots. My goal is to get this ready for a ballot after the next F2F meeting. Thank you, Dimitris. On 8/1/2024 3:06 μ.μ., Dimitris Zacharopoulos (HARICA) via Cscwg-public wrote: Dear Members, Following up on the work of importing

Re: [Cscwg-public] [EXTERNAL] Re: FW: Ballot CSC-22: High Risk Requirements Update

correctly, the ballot could be re-run. I don’t have a strong preference. -Tim *From:*Cscwg-public *On Behalf Of *Dimitris Zacharopoulos (HARICA) via Cscwg-public *Sent:* Wednesday, January 17, 2024 1:00 PM *To:* Bruce Morton ; cscwg-public@cabforum.org *Subject:* Re: [Cscwg-public] [EXTERNAL

Re: [Cscwg-public] [EXTERNAL] Re: FW: Ballot CSC-22: High Risk Requirements Update

On 17/1/2024 7:58 μ.μ., Bruce Morton wrote: Yes, that is the email which started the discussion period. Do we need to start over? Dimitris. Bruce. *From:*Cscwg-public *On Behalf Of *Dimitris Zacharopoulos (HARICA) via Cscwg-public *Sent:* Wednesday, January 17, 2024 12:10 PM

Re: [Cscwg-public] FW: Ballot CSC-22: High Risk Requirements Update

Dean, Bruce, Apologies for not spotting this sooner. Can you please confirm if this is the email that was sent to the public list to start the discussion period? https://lists.cabforum.org/pipermail/cscwg-public/2023-December/001141.html If this is the only email that was sent to start the

Re: [Cscwg-public] Voting Period begins - Ballot CSC-21v2: Signing Service Update

HARICA votes "yes" to ballot CSC-21v2. On 5/1/2024 10:01 μ.μ., Bruce Morton via Cscwg-public wrote: *Purpose of the Ballot* This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.4 in order to clarify

Re: [Cscwg-public] Code Signing Baseline Requirements references to the EV Guidelines

Dear Members, Following up on the work of importing the references to the EV Guidelines and specifically the latest version (1.8.0) with the exception of the CA/B Forum organization identifier extension as agreed in previous meetings, the resulting redline (based on CSBR version 3.4.0) is

Re: [Cscwg-public] Voting Period begins - Ballot CSC-22: High Risk Requirements Update

HARICA votes "yes" to ballot CSC-22. On 5/1/2024 10:02 μ.μ., Bruce Morton via Cscwg-public wrote: *Purpose of the Ballot* This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.4 in order to clarify language

Re: [Cscwg-public] MUST overridden by a MAY - Subordinate CA policies

On 22/11/2023 8:16 μ.μ., Bruce Morton via Cscwg-public wrote: I think a separate ballot is required. An alternative would be a cleanup ballot, but I am not sure we have much content for a cleanup ballot. Also, this information is missing from https://cabforum.org/object-registry/:  

Re: [Cscwg-public] Code Signing WG Charter update

On 25/10/2023 12:32 μ.μ., Martijn Katerbarg wrote: Hi Dimitris, * I think we should remove the specific version number of the Bylaws. Members are bound to follow the latest version at all times. Agreed. Fixed in

Re: [Cscwg-public] Code Signing WG Charter update

Hi Martijn, On 20/9/2023 11:45 π.μ., Martijn Katerbarg via Cscwg-public wrote: I’m starting a new thread for this as was previously discussed. Prior to starting discussions at the Forum level, please review my suggested updates to the CSCWG charter in

Re: [Cscwg-public] Voting period begins: CSC-20: Restore Version Reference to EV Guidelines

HARICA votes "yes" to ballot CSC-20. On 12/10/2023 5:43 μ.μ., Corey Bonnell via Cscwg-public wrote: Purpose of the Ballot This ballot updates the "Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates" version 3.4 in order to restore a version

[Cscwg-public] Code Signing Baseline Requirements references to the EV Guidelines

Dear Members, At a previous Teleconference I volunteered to search the CSBRs and find references to the EV Guidelines that could be discussed at the upcoming F2F. We can then decide if we want to import all or some of them to the CSBRs. The EV Guidelines that is -supposed to be- referenced

Re: [Cscwg-public] Proposed Signing Service, High Risk and Timestamp Changes

Makes sense. The CWG has the first say in its own Charter. Thanks, Dimitris. On 13/9/2023 12:11 μ.μ., Martijn Katerbarg wrote: So while updating the charter really is something for the Forum level (ping @Dimitris Zacharopoulos (HARICA) ), I would be inclined to

Re: [Cscwg-public] CSCWG Agenda

Dean, The ballot to remove SSL BR References is CSC-19 and is now in *voting period* which ends Monday July 31 at 10:00 UTC. I suggest Voting Members to vote for the ballot. Thanks, Dimitris. On 24/7/2023 3:24 μ.μ., Dean Coclin via Cscwg-public wrote: MINUTE TAKER: *NEED A VOLUNTEER*

Re: [Cscwg-public] Voting Begins for Ballot CSC-19 - Remove TLS BR References

HARICA votes "yes" to ballot CSC-19. Dimitris. On 24/7/2023 12:02 μ.μ., Dimitris Zacharopoulos (HARICA) via Cscwg-public wrote: This message begins the voting period for ballot CSC-19. Dimitris. Purpose of the Ballot This ballot updates the “Baseline Requirements for th

[Cscwg-public] Voting Begins for Ballot CSC-19 - Remove TLS BR References

This message begins the voting period for ballot CSC-19. Dimitris. Purpose of the Ballot This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.3 in order to remove references pointing the Baseline

[Cscwg-public] Ballot CSC-19 - Remove TLS BR References

Purpose of the Ballot This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.3 in order to remove references pointing the Baseline Requirements for Publicly-Trusted TLS Certificates ("TLS BRs"). The main