Update CSBR.md for proposed validity period change #48
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Updating to mostly match ian's original verbiage. However, given that we want at least 6 months to reflect the change after enforcmeent, setting the date to January 1st of 2026 instead of the original June 15th of 2025
removing previous line to avoid confusion, and updating to March
Update CSBR.md for proposed validity period change
CBonnell
reviewed
Sep 5, 2025
| @@ -2029,7 +2029,7 @@ CAs SHALL ensure that the Subscriber’s Private Key is generated, stored, and u | |||
|
|
|||
| Subscribers and Signing Services MAY sign Code at any point in the development or distribution process. Code Signatures may be verified at any time, including during download, unpacking, installation, reinstallation, or execution, or during a forensic investigation. | |||
|
|
|||
| The validity period for a Code Signing Certificate issued to a Subscriber or Signing Service MUST NOT exceed 39 months. | |||
| For all Code Signing Certificates issued after March 1st, 2026, the validity period for the Code Signing Certificate issued to a Subscriber MUST NOT exceed 460 days. | |||
There was a problem hiding this comment.
Suggested change
| For all Code Signing Certificates issued after March 1st, 2026, the validity period for the Code Signing Certificate issued to a Subscriber MUST NOT exceed 460 days. | |
| For Code Signing Certificates issued before March 1st, 2026, the validity period MUST NOT exceed 39 months. For Code Signing Certificates issued on or after March 1st, 2026, the validity period MUST NOT exceed 460 days. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adding verbiage to set new code signing certificate validity to 460 days