DigiCert votes NO on FORUM-020 v2.
This is purely based on a minor problem which I wish I had spotted during the discussion period, but didn’t. The problem is that the requirement to put the CABF policy OID in timestamping certs or ICAs is pretty recent, and there are extant certificates out there that don’t have it, but are still trusted by Microsoft. I think it is a mistake to have those certificates be outside the scope of the charter. I think the correct scope is timestamp certificates that chain to public roots trusted by one or more certificate consumers. Again, this is definitely just a nit, and DigiCert would be happy to support an amended charter that fixes this very minor flaw. -Tim From: Public <[email protected]> On Behalf Of Martijn Katerbarg via Public Sent: Thursday, January 4, 2024 3:02 PM To: CABforum1 <[email protected]> Subject: [cabfpub] Voting Period begins: Ballot FORUM-020 v2 - Amend Code Signing Certificate Working Group Charter Ballot FORUM-020 v2 - Amend Code Signing Certificate Working Group Charter Purpose of Ballot This ballot proposes to amend the Code Signing Certificate Working Group (CSCWG) Charter with the following changes: * Bump the Charter version. * Add a limited scope for timestamp certificates. * Remove the version reference of the bylaws that we follow. * During a ballot, count only members that are in a voting class, disregarding associate members and interested parties. * Align Quorum definition as half the average, as the Bylaws have it set. The following motion has been proposed by Martijn Katerbarg of Sectigo and endorsed by Bruce Morton of Entrust and Dimitris Zacharopoulos of HARICA. ----- Motion Begins ----- MODIFY the Charter of the Code Signing Certificate Working Group as specified in the following redline: <https://github.com/cabforum/forum/compare/59185f16917cc7f5b83564fe5fddff32cf84c8ce...b80c98b80ee132e2a3adf09bfa8ba7448084d11d> https://github.com/cabforum/forum/compare/59185f16917cc7f5b83564fe5fddff32cf84c8ce...b80c98b80ee132e2a3adf09bfa8ba7448084d11d ----- Motion Ends ----- This ballot does not propose a Final Guideline or Final Maintenance Guideline. The procedure for approval of this ballot is as follows: Discussion Period (7+ days) Start Time: 2023-12-14 – 16:00 UTC End Time: 2024-01-04 – 20:00 UTC Vote for approval (7 days) Start Time: 2024-01-04 – 20:00 UTC End Time: 2024-01-11 – 20:00 UTC
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://lists.cabforum.org/mailman/listinfo/public
