Home » Posts » 2024-07-11 Minutes of the Code Signing Certificate Working Group

2024-07-11 Minutes of the Code Signing Certificate Working Group

Attendees

Atsushi INABA - GlobalSign, Brian Winters - IdenTrust, Bruce Morton - Entrust, Corey Bonnell -DigiCert, Dean Coclin-DigiCert (checked in to start meeting call), Ian McMillan Microsoft, Inigo Barreira - Sectigo, Rebecca Kelley - SSL.com, Scott Rea - eMudhra, Thomas Zermeno - SSL.com, Tim Crawford - BDO, Wangmo Tenzing

Minutes

Roll Call
- Completed by Bruce
Antitrust reminder
- Completed by Bruce
Approve prior meeting minutes – June 13th and June 27th (Brianca)
- Minutes are not available for review and approval
- Pushed to next meeting
IPR review: CSC-25 Remove EV Guideline References (Dimitris)
- Ballot has passed and IPR period set to complete on August 1, 2024
IPR review: CSC-26 Time-stamp Requirements update (Martijn)
- Ballot has passed and IPR period set to complete on August 1, 2024
Simplifying EV (Tim)
- Tim was not available on the call (pushing to next meeting)
- No progress has been made currently, but CSC-25 completion will simplify this effort
Other business
- Ian volunteered to provide draft language for reducing the signing certificate max validity from 39 months to 15 months as previously discussed by the group
- Draft to be shared in next meeting
- No other business
Next meeting – July 25th
Adjourn

Latest releases

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed

CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38

Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.5 - Ballot SMC07 - Jul 15, 2024

Ballot SMC07: Align Logging Requirement and Key Escrow clarification

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35