Re: [Cscwg-public] [Voting Period Begins] CSC-24 (v3): Timestamping Private Key Protection

Tue, 21 May 2024 00:26:44 -0700 

Sectigo votes yes



De: Cscwg-public <cscwg-public-boun...@cabforum.org> En nombre de Martijn
Katerbarg via Cscwg-public
Enviado el: lunes, 20 de mayo de 2024 11:05
Para: cscwg-public@cabforum.org
Asunto: [Cscwg-public] [Voting Period Begins] CSC-24 (v3): Timestamping
Private Key Protection



CAUTION: This email originated from outside of the organization. Do not
click links or open attachments unless you recognize the sender and know the
content is safe.



Purpose of the Ballot

This ballot updates the “Baseline Requirements for the Issuance and
Management of Publicly‐Trusted Code Signing Certificates“ version 3.7 in
order to clarify language regarding Timestamp Authority Private Key
Protection. The main goals of this ballot are to:

1.      Require Private Keys  associated with newly issued Timestamp
Authority Subordinate CA to be stored in offline HSMs
2.      Require newly issued Timestamp Certificates to be issued from a TSA
CA with its Private key storedn in offline HSMs
3.      Add a requirement to remove Private Keys associated with Timestamp
Certificates after a 18 months
4.      Add a requirement to reject SHA-1 timestamp requests

The following motion has been proposed by Martijn Katerbarg of Sectigo and
endorsed by Bruce Morton of Entrust and Ian McMillan of Microsoft.



MOTION BEGINS



This ballot updates the “Baseline Requirements for the Issuance and
Management of Publicly‐Trusted Code Signing Certificates” ("Code Signing
Baseline Requirements") based on version 3.7. MODIFY the Code Signing
Baseline Requirements as specified in the following redline: https://github.
com/cabforum/code-signing/compare/d431d9104094f2b89f35ed4bf1d64b9a844e762b..
.61d9426e9025d448a13eb56fa75b9651b2136548

MOTION ENDS

The procedure for this ballot is as follows:

Discussion (7 days)

*       Start Time: 2024-05-10 10:45 UTC
*       End Time: Not before 2024-05-20 09:05 UTC

Vote for approval (7 days)

*       Start Time: 2024-05-20 09:05 UTC
*       End Time: 2024-05-27 09:05 UTC

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
Cscwg-public mailing list
Cscwg-public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/cscwg-public

Reply via email to