CA/Browser Forum posts
Posts by author Ben Wilson
2015-02-19 Minutes
February 19, 2015 by Ben WilsonAttendees: Dean Coclin (Symantec), Doug Beattie (GlobalSign), Kirk Hall (Trend Micro), Bruce Morton (Entrust), Rick Andrews (Symantec), Ben Wilson (DigiCert), Eddy Nigg (Startcom), Volkan Nergiz (TurkTrust), Robin Alden (Comodo), Mads Henriksveen (BuyPass), Tim Shirley (Trustwave), Wayne Thayer (GoDaddy), Cornelia Enke (SwissSign), Atilla Biler (TurkTrust), Gerv Markham (Mozilla), Jeremy Rowley (DigiCert), Atsushi Inaba (GlobalSign), Sissel Hoel (BuyPass), Kubra Zeray (TurkTrust), Davut Tokgöz (E-Tugra), Cecilia Kam (Symantec). Antitrust Statement was read. Minutes of Feb 5th meeting were approved.
February 19, 2015 by Ben WilsonAttendees: Dean Coclin (Symantec), Doug Beattie (GlobalSign), Kirk Hall (Trend Micro), Bruce Morton (Entrust), Rick Andrews (Symantec), Ben Wilson (DigiCert), Eddy Nigg (Startcom), Volkan Nergiz (TurkTrust), Robin Alden (Comodo), Mads Henriksveen (BuyPass), Tim Shirley (Trustwave), Wayne Thayer (GoDaddy), Cornelia Enke (SwissSign), Atilla Biler (TurkTrust), Gerv Markham (Mozilla), Jeremy Rowley (DigiCert), Atsushi Inaba (GlobalSign), Sissel Hoel (BuyPass), Kubra Zeray (TurkTrust), Davut Tokgöz (E-Tugra), Cecilia Kam (Symantec). Antitrust Statement was read. Minutes of Feb 5th meeting were approved.
Ballot 145 – Operational Existence for Government Entities
February 19, 2015 by Ben WilsonBallot 145 – Operational Existence for Government Entities Reason Because government entities aren’t operating as businesses, they are often not listed with a QIIS, especially immediately after the entity is created by either statute or order. The legal existence of these entities is verifiable through a QGIS, but this source in many countries (especially Arabic and African countries) does not always list a date of creation of these entities. Operational existence exists to ensure organizations aren’t fly-by-night scams/phishing entities.
February 19, 2015 by Ben WilsonBallot 145 – Operational Existence for Government Entities Reason Because government entities aren’t operating as businesses, they are often not listed with a QIIS, especially immediately after the entity is created by either statute or order. The legal existence of these entities is verifiable through a QGIS, but this source in many countries (especially Arabic and African countries) does not always list a date of creation of these entities. Operational existence exists to ensure organizations aren’t fly-by-night scams/phishing entities.
Ballot 144 – Validation rules for .onion names
February 18, 2015 by Ben WilsonBallot 144 – Validation Rules for .onion Names – passed with 6 Yes votes, 2 No votes and 13 Abstentions from the CAs and 3 Yes votes from the browsers. Detailed results are on the Forum’s ballot tracker (Ballot Results – Vote Tally at the bottom of the Ballots page on the Forum’s wiki). Ballot 144 reads as follows: Applicants want a CA-signed .onion address for several reasons, including: – Powerful web platform features are restricted to secure origins, which are currently not available to onion names (in part, because of the lack of IANA registration).
February 18, 2015 by Ben WilsonBallot 144 – Validation Rules for .onion Names – passed with 6 Yes votes, 2 No votes and 13 Abstentions from the CAs and 3 Yes votes from the browsers. Detailed results are on the Forum’s ballot tracker (Ballot Results – Vote Tally at the bottom of the Ballots page on the Forum’s wiki). Ballot 144 reads as follows: Applicants want a CA-signed .onion address for several reasons, including: – Powerful web platform features are restricted to secure origins, which are currently not available to onion names (in part, because of the lack of IANA registration).
Ballot 143 – Formalization of Validation Working Group
February 18, 2015 by Ben WilsonBallot 143 – Formalization of Validation Working Group Reason In order to address validation issues and inconsistencies in both the SSL Baseline Requirements and the EV Guidelines, the CAB Forum has held an informal working group previously referred to as the Extended Validation Working Group now known as the Validation Working Group, would like to modify its scope to include validation in the Baseline Requirements as well as the EV Guidelines.
February 18, 2015 by Ben WilsonBallot 143 – Formalization of Validation Working Group Reason In order to address validation issues and inconsistencies in both the SSL Baseline Requirements and the EV Guidelines, the CAB Forum has held an informal working group previously referred to as the Extended Validation Working Group now known as the Validation Working Group, would like to modify its scope to include validation in the Baseline Requirements as well as the EV Guidelines.
2015-02-05 Minutes
February 5, 2015 by Ben WilsonAttendees: Dean (Symantec), Gerv (Mozilla), Jeremy (Digicert), Atsushi (Globalsign), Ben W (Digicert), Tim S (Trustwave), Davut (E-Tugra), Robin (Comodo), Doug (Globalsign), Patrick (OATI), Volkan (TurkTrust), Kubra (TurkTrust), Eddy (Startcom), Tim H (Trustwave), Anoosh (Microsoft), Wayne (GoDaddy), Chris (Trustwave), Jody (Microsoft), Peter (Disig), Ryan S (Google) Antitrust statement was read. Minutes of Jan 22, 2015 meeting were approved. Ballot updates: EV Working Group name change to Validation working group: Jeremy has proposed a ballot to change the name and scope of the working group to include other validations, not just for EV.
February 5, 2015 by Ben WilsonAttendees: Dean (Symantec), Gerv (Mozilla), Jeremy (Digicert), Atsushi (Globalsign), Ben W (Digicert), Tim S (Trustwave), Davut (E-Tugra), Robin (Comodo), Doug (Globalsign), Patrick (OATI), Volkan (TurkTrust), Kubra (TurkTrust), Eddy (Startcom), Tim H (Trustwave), Anoosh (Microsoft), Wayne (GoDaddy), Chris (Trustwave), Jody (Microsoft), Peter (Disig), Ryan S (Google) Antitrust statement was read. Minutes of Jan 22, 2015 meeting were approved. Ballot updates: EV Working Group name change to Validation working group: Jeremy has proposed a ballot to change the name and scope of the working group to include other validations, not just for EV.
CA/B Forum Releases Code Signing Baseline Requirements – Final Draft for Public Exposure
February 5, 2015 by Ben WilsonThe Code Signing Working Group of the CA/Browser Forum announces the final draft of the Code Signing Baseline Requirements. This version takes into account comments received in the first round of public review as well as comments from WebTrust auditors. Additional changes/corrections were incorporated by the working group over the past 3 months. Baseline requirements for codesigning – Feb 4 2015 This version is being sent out to the public mailing list and will be posted on the CA/B Forum website for final comments until March 6th, 2015.
February 5, 2015 by Ben WilsonThe Code Signing Working Group of the CA/Browser Forum announces the final draft of the Code Signing Baseline Requirements. This version takes into account comments received in the first round of public review as well as comments from WebTrust auditors. Additional changes/corrections were incorporated by the working group over the past 3 months. Baseline requirements for codesigning – Feb 4 2015 This version is being sent out to the public mailing list and will be posted on the CA/B Forum website for final comments until March 6th, 2015.
2015-01-22 Minutes
January 22, 2015 by Ben WilsonCA-Browser Forum Conference Call – 22 January 2015 Antitrust Statement was read. Roll Call: Kirk Hall presided as Vice Chair, and took the roll call. Present at the meeting were: Kirk Hall (Trend Micro), Ben Wilson (DigiCert), Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Doug Beattie (GlobalSign), Gerv Markham (Mozilla), Jeremy Rowley (DigiCert), Atilla Bilar (TurkTrust), Volkan Nergiz (TurkTrust), Robin Alden (Comodo), Eddy Nigg (Startcom), Stephen Davidson (Quo Vadis), Jody Coultier (Microsoft), Tim Hollebeek (Trustwave), Rick Andrews Symantec), Mads Henriksveen (Buypass), Anoosh Saboori (Microsoft), Peter Miškovič (Disig), Patrick Tronnier (OATI), and Wayne Thayer (GoDaddy), **Agenda reviewed.
January 22, 2015 by Ben WilsonCA-Browser Forum Conference Call – 22 January 2015 Antitrust Statement was read. Roll Call: Kirk Hall presided as Vice Chair, and took the roll call. Present at the meeting were: Kirk Hall (Trend Micro), Ben Wilson (DigiCert), Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Doug Beattie (GlobalSign), Gerv Markham (Mozilla), Jeremy Rowley (DigiCert), Atilla Bilar (TurkTrust), Volkan Nergiz (TurkTrust), Robin Alden (Comodo), Eddy Nigg (Startcom), Stephen Davidson (Quo Vadis), Jody Coultier (Microsoft), Tim Hollebeek (Trustwave), Rick Andrews Symantec), Mads Henriksveen (Buypass), Anoosh Saboori (Microsoft), Peter Miškovič (Disig), Patrick Tronnier (OATI), and Wayne Thayer (GoDaddy), **Agenda reviewed.
Ballot 142 – Elimination of EV Insurance Requirement
January 19, 2015 by Ben WilsonElimination of EV Insurance Requirement Voting on Ballot 142 closed on 19 January 2015. The Chair received “yes” votes from: Turktrust, Startcom, Firmaprofessional, Sertifit, Trend Micro, WoSign, SSC, Disig, Symantec, e-Tugra, Secom, Buypass, Chungwha, Opera, Mozilla, 360 Browser, Google And “no” votes from: Digicert, ANF AC, QuoVadis, Trustwave, OpenTrust, GoDaddy, Entrust, Network Solutions, Comodo 3 abstained. Therefore, Ballot 142 fails. The following motion has been proposed by Gervase Markham of Mozilla and endorsed by Ryan Sleevi of Google and Moudrick Dadashov of SSC.
January 19, 2015 by Ben WilsonElimination of EV Insurance Requirement Voting on Ballot 142 closed on 19 January 2015. The Chair received “yes” votes from: Turktrust, Startcom, Firmaprofessional, Sertifit, Trend Micro, WoSign, SSC, Disig, Symantec, e-Tugra, Secom, Buypass, Chungwha, Opera, Mozilla, 360 Browser, Google And “no” votes from: Digicert, ANF AC, QuoVadis, Trustwave, OpenTrust, GoDaddy, Entrust, Network Solutions, Comodo 3 abstained. Therefore, Ballot 142 fails. The following motion has been proposed by Gervase Markham of Mozilla and endorsed by Ryan Sleevi of Google and Moudrick Dadashov of SSC.
Ballot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates
January 19, 2015 by Ben WilsonBallot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates Voting on Ballot 141 closed on 19 January 2015. The Chair received “yes” votes from: Trend Micro, Mozilla, TurkTrust, WoSign, 360 Browser, Comodo, SSC, GoDaddy, Network Solutions, Chungwa Telecom, Microsoft “No” votes by: Firmaprofessional, ANF AC, Quovadis, Opera, Startcom, Digicert, OpenTrust, Trustwave, Symantec, Secom, Entrust, Google 5 abstained. Therefore, Ballot 141 fails. The following motion has been proposed by Kirk Hall of Trend Micro and endorsed by Robin Alden of Comodo and Dean Coclin of Symantec.
January 19, 2015 by Ben WilsonBallot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates Voting on Ballot 141 closed on 19 January 2015. The Chair received “yes” votes from: Trend Micro, Mozilla, TurkTrust, WoSign, 360 Browser, Comodo, SSC, GoDaddy, Network Solutions, Chungwa Telecom, Microsoft “No” votes by: Firmaprofessional, ANF AC, Quovadis, Opera, Startcom, Digicert, OpenTrust, Trustwave, Symantec, Secom, Entrust, Google 5 abstained. Therefore, Ballot 141 fails. The following motion has been proposed by Kirk Hall of Trend Micro and endorsed by Robin Alden of Comodo and Dean Coclin of Symantec.
2015-01-08 minutes
January 8, 2015 by Ben WilsonMinutes Jan. 8, 2015 Attendees: Dean, Davut, Patrick (OATI), Wayne, Atsushi, Ben, Kirk, Atilla, Gerv, Doug, Eddy, Jeremy, Tim H(Trustwave), Cecilia, Ryan S, Stephen, Chris (Trustwave), Kubra, Volkan (Turktrust), Robin, Bruce, Tim S (Trustwave), Sisel (Buypass), Peter (Disig), Rick Minutes of 12 December meeting were approved. These will be posted to the public list. .Onion proposal: Jeremy is looking for a 2nd The proposal is for EV vetting of .Onion domains, which provide the value as to who is operating the service (removing anonymity for the service provider).
January 8, 2015 by Ben WilsonMinutes Jan. 8, 2015 Attendees: Dean, Davut, Patrick (OATI), Wayne, Atsushi, Ben, Kirk, Atilla, Gerv, Doug, Eddy, Jeremy, Tim H(Trustwave), Cecilia, Ryan S, Stephen, Chris (Trustwave), Kubra, Volkan (Turktrust), Robin, Bruce, Tim S (Trustwave), Sisel (Buypass), Peter (Disig), Rick Minutes of 12 December meeting were approved. These will be posted to the public list. .Onion proposal: Jeremy is looking for a 2nd The proposal is for EV vetting of .Onion domains, which provide the value as to who is operating the service (removing anonymity for the service provider).