Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Identity validation: Digital signatures #111

Closed
chrisbn opened this issue May 19, 2022 · 4 comments
Closed

Identity validation: Digital signatures #111

chrisbn opened this issue May 19, 2022 · 4 comments

Comments

@chrisbn
Copy link
Contributor

chrisbn commented May 19, 2022

For digital signatures (section 3.2.4.1 option 3), could we allow additional adopted standards to be used under certain conditions, for example:

  • CA has a documented procedure to review adopted standards against the SMIME BRs to ensure they meet the required assurance level;
  • the CA lists additional accepted standards in their CPS; and
  • CA notifies these additional standards for inclusion within the SMIME BRs, but pending acceptance/rejection these standards may be used.
@srdavidson
Copy link
Contributor

The existing content was adopted from the CSBR.
Can we define how to assess comparable reliability in the signature schemes?

@timfromdigicert
Copy link

I'm curious how people interpret "If a digital signature is to be used as evidence, ..." That seems rather vague and unverifiable/unauditable.

srdavidson added a commit to srdavidson/smime that referenced this issue May 26, 2022
@srdavidson
Issue Identity validation: Digital signatures cabforum#111
f0edcaa
srdavidson added a commit that referenced this issue May 26, 2022
@srdavidson
Feedback from Sectigo, Globalsign, Russ Houseley (#127)
0cb0d43 
* Enterprise registration authorities #120
* Certificate Profile Subject #121
* Non ASCII character substitution #122
* 7.1.2.3 Subscriber certificates, Paragraph f. #123
* issue eIDAS eIDs: attribute collection and validation of individual identity #119
* Issue #124
* Issue #125
* Current names from Sectigo
* 4.9.6 from Sectigo
* Issue #126
* Issue Identity validation: Digital signatures #111
@XolphinMartijn
Copy link
Member

@srdavidson Should we remove the " or CDS" string? I believe that program is no longer in use

@srdavidson
Copy link
Contributor

Proposed text at https://github.com/cabforum/smime/blob/preSBR/SBR.md#3241-attribute-collection-of-individual-identity item 4

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@srdavidson @XolphinMartijn @timfromdigicert @chrisbn