It would be great if we could coordinate with a SCWG ballot that requires that CAA be put in section 3.2.2.8. However, as I said on the recent call, there might be a CA or two that has already populated section 3.2.2.8 of their CP/CPS with something else.
On Thu, Dec 7, 2023 at 8:59 AM Stephen Davidson via Smcwg-public < smcwg-public@cabforum.org> wrote: > Thanks Bruce. That section is planned to be deleted. > > > https://github.com/srdavidson/smime/compare/241e92cde85c25d7e0d4a5c70118ecadacd4d72b...c8b0c9ff9fa28c2c7abeb2871aaa2d60a19842ed > > > > I can certainly move the content to 3.2.2.4 but I see that the TLS BR are > considering gathering their the CAA information in 3.2.2.8 which may be > confusing for CAs? > > > > The use of 4.2 would allow consistency across the two docs. > > > > > > > > *From:* Bruce Morton <bruce.mor...@entrust.com> > *Sent:* Wednesday, December 6, 2023 9:09 PM > *To:* Stephen Davidson <stephen.david...@digicert.com>; SMIME Certificate > Working Group <smcwg-public@cabforum.org> > *Subject:* RE: CAA for S/MIME > > > > I think we need to fix this section: > > > > 3.2.2.4 CAA records > > This version of the S/MIME Baseline Requirements does not require the CA > to check for CAA records. The CAA property tags for `issue`, `issuewild`, > and `iodef` as specified in [RFC 8659]( > https://datatracker.ietf.org/doc/html/rfc8659) are not recognized for the > issuance of S/MIME Certificates. > > > > I would really like to add all CAA requirements to section 3.2.2.4, since > it is called CAA records. This would be in line with this TLS BR comment > https://github.com/cabforum/servercert/issues/466. > > > > > > Thanks, Bruce. > > > > *From:* Smcwg-public <smcwg-public-boun...@cabforum.org> *On Behalf Of > *Stephen > Davidson via Smcwg-public > *Sent:* Wednesday, December 6, 2023 1:00 PM > *To:* smcwg-public@cabforum.org > *Subject:* [EXTERNAL] [Smcwg-public] CAA for S/MIME > > > > Hello: > > > > Here is an updated diff for the CAA text following our discussions today: > > > > -As suggested by Cade, to add the TTL/8hr reference consistent with the > TLS BR. > > -To add the implementation dates in 2.2 and 4.2 > > > > > https://github.com/srdavidson/smime/compare/241e92cde85c25d7e0d4a5c70118ecadacd4d72b...43228a41a5cc99a3301c4066621787cde7e0f79a > > > > The plan will be to move this to ballot at the start of 2024, so I > encourage CAs to engage with operations teams and/or software vendors on > the suitability of the implementation dates. > > > > Best regards, Stephen > > > > > > *Any email and files/attachments transmitted with it are intended solely > for the use of the individual or entity to whom they are addressed. If this > message has been sent to you in error, you must not copy, distribute or > disclose of the information it contains. Please notify Entrust immediately > and delete the message from your system.* > _______________________________________________ > Smcwg-public mailing list > Smcwg-public@cabforum.org > https://lists.cabforum.org/mailman/listinfo/smcwg-public >
_______________________________________________ Smcwg-public mailing list Smcwg-public@cabforum.org https://lists.cabforum.org/mailman/listinfo/smcwg-public