Relying on a certificate/digital signature applied by the Applicant #244
Labels
Future Version
Future version of the S/MIME BR
Comments
|
Here is a draft proposal to add a Qualified Electronic Signature per EU Regulation (EU) 910/2014 (aka eIDAS) as an approved scheme under Section 3.2.4.1 (4) (a). https://github.com/srdavidson/QES-SMIME-BR/blob/master/QES-proposal.md |
|
Wouldn't it be better to refer to the eIDAS update which has been published on April 30, so Regulation 2024/1183 and linking to https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L_202401183? That isn't the full text (Regulation 2024/1183 amends 910/2014) but it might be better (like we also refer to updated RFCs). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Section 3.2.4.1 (4) (b) of the S/MIME BR lays out the "Approved Framework" criteria to be considered by the SMCWG to allow a CA to rely upon a digital signature as evidence in vetting in Section 3.2.4.1 (4) (a).
https://github.com/cabforum/smime/blob/main/SBR.md#3241-attribute-collection-of-individual-identity
SMCWG should propose a specific certificate/signature scheme under the Approved Framework.
The text was updated successfully, but these errors were encountered: