2024-11-14 Minutes of the Code Signing Certificate Working Group
Attendees
Atsushi Inaba (GlobalSign); Brian Winters (IdenTrust); Corey Bonnell (DigiCert); Dean Coclin (DigiCert); Inigo Barreira (Sectigo); Luis Cervantes (SSL.com); Marco Schambach (IdenTrust); Martijn Katerbarg (Sectigo); Nome-Huang (TrustAsia); Rebecca Kelley (SSL.com); Roberto Quiñones (Intel); Thomas Zermeno (SSL.com); Yateesh Bhardwaj (Globalsign)
Prior meeting minutes
- 10/10/24 by Kateryna Alexsieieva (Asseco)- posted 11/03/24 - approved
- Minutes from 10/31/24 by Martijn - posted 11/11/24 - approved
Maximum validity of code signing certs
- worked on by Ian; he’s a bit behind on that, hopes to get it into GitHub before Thanksgiving holiday
- no comments on the ballot
Email from Bruce Morton (Entrust) 10/31/24
- aligning the code signing BRs with SCWG BRs
- Cory evaluated the ballot concerns
- Ballot SC-73 - has some value with CSCWG
- Ballot SC-75 - Pre-Sign linting - there is no linting created for CS at this time.
- Ballot SC-76v2 -OCSP requirements - Microsoft removed their requirements. Martijn feels like we could follow the ballot; Corey agrees that the 15-minute rule has some value to Code Signing. There’s lots of pre-cert language in the ballot that does not relate to Code Signing.
- Ballot SC-77 - Update Web Trust Audit name in Section 8.4 and references - already addressed
- Ballot SC-78 - Subject organizationName - Martijn is checking to see if there are CS issues
- Ballot SC 79v2 - allow more than one certificate policy - not relevant in CS environment.
- Martijn mentioned a desired logging ballot; and will update the list with it, later.
Other business
- New Chair starting 12/1/24 - Martijn and new Vice Chair Thomas
- No meeting on 11/28 for Thanksgiving – Martijn will lead the meeting on 12/12; need to set new hosts for the WebEx meeting.
- Dean gave a great farewell speech, and we all thanked him for his great service to the CSCWG