CA/Browser Forum posts
Posts by author Ben Wilson
Ballot 128 – CP Review Working Group (passes)
July 9, 2014 by Ben WilsonVoting closed on July 9, 2014. In Favor: Buypass, DigiCert, GlobalSign, OPENTRUST, QuoVadis, SECOM, Symantec, Trend Micro, TURKTRUST, WoSign, Opera, Mozilla and Microsoft. Abstaining: Actalis Result: Ballot passes. Ballot 128 – CP Review Working Group During the CAB Forum face-to-face meeting, we discussed creating a working group to compare the NIST IR proposal and various with the existing CAB Forum work product. The group will also continue our contemplation on converting to a 3647 format to make future comparisons easier.
July 9, 2014 by Ben WilsonVoting closed on July 9, 2014. In Favor: Buypass, DigiCert, GlobalSign, OPENTRUST, QuoVadis, SECOM, Symantec, Trend Micro, TURKTRUST, WoSign, Opera, Mozilla and Microsoft. Abstaining: Actalis Result: Ballot passes. Ballot 128 – CP Review Working Group During the CAB Forum face-to-face meeting, we discussed creating a working group to compare the NIST IR proposal and various with the existing CAB Forum work product. The group will also continue our contemplation on converting to a 3647 format to make future comparisons easier.
Notice of IPR Review Period for Amendment to the EV Code Signing Guidelines by Ballot 117
July 7, 2014 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the EV Code Signing Guidelines by Ballot 117. Ballot 117 clarified what is allowed in the Common Name and Subject Alternative Name fields, as set forth in sections 9.2.2 and 9.2.3 of the EV Code Signing Guidelines.
July 7, 2014 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the EV Code Signing Guidelines by Ballot 117. Ballot 117 clarified what is allowed in the Common Name and Subject Alternative Name fields, as set forth in sections 9.2.2 and 9.2.3 of the EV Code Signing Guidelines.
Notice of IPR Review Period for Amendments Made to the EV Guidelines by Ballots 113, 114, 119, 120, and 124
July 7, 2014 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the EV Guidelines by Ballots 113, 114, 119, 120, and 124. Ballot 113 revised the definition of a Qualified Independent Information Source in Section 11.10.5 of the EV Guidelines. Ballot 114 revised the definition of Business Entity, Private Organization, and Incorporating Agency in the EV Guidelines.
July 7, 2014 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the EV Guidelines by Ballots 113, 114, 119, 120, and 124. Ballot 113 revised the definition of a Qualified Independent Information Source in Section 11.10.5 of the EV Guidelines. Ballot 114 revised the definition of Business Entity, Private Organization, and Incorporating Agency in the EV Guidelines.
Notice of IPR Review Period for Amendments to Baseline Requirements per Ballots 112 and 120
July 7, 2014 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the Baseline Requirements by Ballots 112 and 120. Ballot 112 replaced “Internal Server Name” with use of the term “Internal Name” in the Baseline Requirements Ballot 120 made certain changes to the Baseline Requirements concerning the ability of Affiliates to verify domain registration, ownership, or control on behalf of an Applicant.
July 7, 2014 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the Baseline Requirements by Ballots 112 and 120. Ballot 112 replaced “Internal Server Name” with use of the term “Internal Name” in the Baseline Requirements Ballot 120 made certain changes to the Baseline Requirements concerning the ability of Affiliates to verify domain registration, ownership, or control on behalf of an Applicant.
2014-06-26 Minutes
June 26, 2014 by Ben WilsonAntitrust Statement: Read by Ben. Roll Call: Atsushi Inaba, Ben Wilson, Stephen Davidson, Doug Beattie, Kirk Hall, Eddy Nigg, Mads Henriksveen, Sissel Hoel, Chris Casciano, Wayne Thayer, Gerv Markham, Rick Andrews, Dave Barnet, John Amaral, and Ryan Sleevi Application of OATI: We have reviewed OATI’s application. The OATI root certificate is trusted only in Internet Explorer. Kirk noted that they do not have a Baseline Requirements WebTrust audit. Gerv said that membership requirements are defined by our bylaws, which do not specifically require a WebTrust Baseline Requirements audit.
June 26, 2014 by Ben WilsonAntitrust Statement: Read by Ben. Roll Call: Atsushi Inaba, Ben Wilson, Stephen Davidson, Doug Beattie, Kirk Hall, Eddy Nigg, Mads Henriksveen, Sissel Hoel, Chris Casciano, Wayne Thayer, Gerv Markham, Rick Andrews, Dave Barnet, John Amaral, and Ryan Sleevi Application of OATI: We have reviewed OATI’s application. The OATI root certificate is trusted only in Internet Explorer. Kirk noted that they do not have a Baseline Requirements WebTrust audit. Gerv said that membership requirements are defined by our bylaws, which do not specifically require a WebTrust Baseline Requirements audit.
Minutes of the F2F 32 Meeting in Eilat, Israel, 16-18 June 2014
June 17, 2014 by Ben WilsonFace-to-Face Meeting 32 – EilatAntitrust Statement The antitrust statement was read. Roll Call **Present: ** Ben Wilson, Dean Coclin, Jeremy Rowley, Robin Alden, Eddy Nigg, Kelvin Yiu, Iñigo Barreira, Rick Andrews, Atsushi Inaba, Doug Beattie, Don Sheehy, Kirk Hall, Gerv Markham, Moudrick Dadashov, and Wayne Thayer Day 1 -Monday, 16 June 2014 SSL Performance WG (prepared by Kelvin Yiu) Wayne talked about goals, outcome, and how to get there. Thanks to data provided by Yngve
June 17, 2014 by Ben WilsonFace-to-Face Meeting 32 – EilatAntitrust Statement The antitrust statement was read. Roll Call **Present: ** Ben Wilson, Dean Coclin, Jeremy Rowley, Robin Alden, Eddy Nigg, Kelvin Yiu, Iñigo Barreira, Rick Andrews, Atsushi Inaba, Doug Beattie, Don Sheehy, Kirk Hall, Gerv Markham, Moudrick Dadashov, and Wayne Thayer Day 1 -Monday, 16 June 2014 SSL Performance WG (prepared by Kelvin Yiu) Wayne talked about goals, outcome, and how to get there. Thanks to data provided by Yngve
Ballot 124 – Business Entity Clarification (passed)
June 5, 2014 by Ben WilsonBallot 124 – Business Entity Clarification Voting closed on June 5, 2014. We received votes in favor from Actalis, ANF, Buypass, DigiCert, Disig, Firmaprofesional, GlobalSign, GoDaddy.com, Logius PKIoverheid, Mozilla, QuoVadis, StartCom, Symantec, Trend Micro, TURKTRUST, OpenTrust, and WoSign. There were no votes against and no abstentions. Therefore, Ballot 124 passed. The EV Guidelines Working Group identified an erroneous cross-reference in the first sentence of Section 11.2.2(3) (Business Entity Subjects). Joanna Fox of GoDaddy made the following motion, and Cecilia Kam of Symantec and Ben Wilson from DigiCert have endorsed it.
June 5, 2014 by Ben WilsonBallot 124 – Business Entity Clarification Voting closed on June 5, 2014. We received votes in favor from Actalis, ANF, Buypass, DigiCert, Disig, Firmaprofesional, GlobalSign, GoDaddy.com, Logius PKIoverheid, Mozilla, QuoVadis, StartCom, Symantec, Trend Micro, TURKTRUST, OpenTrust, and WoSign. There were no votes against and no abstentions. Therefore, Ballot 124 passed. The EV Guidelines Working Group identified an erroneous cross-reference in the first sentence of Section 11.2.2(3) (Business Entity Subjects). Joanna Fox of GoDaddy made the following motion, and Cecilia Kam of Symantec and Ben Wilson from DigiCert have endorsed it.
Ballot 120 – Affiliate Authority to Verify Domain (passed)
June 5, 2014 by Ben WilsonVoting closed on June 5, 2014. We received votes in favor from Actalis, ANF, Buypass, DigiCert, Disig, Firmaprofesional, GlobalSign, GoDaddy.com, Logius PKIoverheid, Mozilla, QuoVadis, StartCom, Symantec, Trend Micro, TURKTRUST, OpenTrust, and WoSign. There were no votes against and no abstentions. Therefore, Ballot 120 passed. Kirk Hall of TrendMicro made the following motion and Jeremy Rowley of DigiCert and Cecilia Kam of Symantec have endorsed it: Ballot 120 – Affiliate Authority to Verify Domain Reasons for proposed ballot Ballot 72 in May 2012 reorganized the EV Guidelines by moving certain definitions and common provisions to the Baseline Requirements and replacing them with cross references to the Baseline Requirements.
June 5, 2014 by Ben WilsonVoting closed on June 5, 2014. We received votes in favor from Actalis, ANF, Buypass, DigiCert, Disig, Firmaprofesional, GlobalSign, GoDaddy.com, Logius PKIoverheid, Mozilla, QuoVadis, StartCom, Symantec, Trend Micro, TURKTRUST, OpenTrust, and WoSign. There were no votes against and no abstentions. Therefore, Ballot 120 passed. Kirk Hall of TrendMicro made the following motion and Jeremy Rowley of DigiCert and Cecilia Kam of Symantec have endorsed it: Ballot 120 – Affiliate Authority to Verify Domain Reasons for proposed ballot Ballot 72 in May 2012 reorganized the EV Guidelines by moving certain definitions and common provisions to the Baseline Requirements and replacing them with cross references to the Baseline Requirements.
2014-05-29 Minutes
May 29, 2014 by Ben WilsonNotes of Teleconference – CABF – 29 May 2014 1. Antitrust Statement: Read by Ben. 2. Agenda was reviewed. 3. Roll Call: Ryan Sleevi, Ben Wilson, Atsushi Inaba, Moudrick Dadashov, Rick Andrews, Atilla Biler, Kirk Hall, Mert Ozarar, Dean Coclin, Jeremy Rowley, Marcelo Silva, Cecilia Kam, Doug Beattie, Joe Kaluzny, Robin Alden, Kelvin Yiu, Geoff Keating, Rich Smith, Stephen Davidson, 4. Minutes of teleconference of 15-May-2014 were approved. 5. Ballot review: Voting on Ballot 120 (Affiliate Approval of Domain) and Ballot 124 (Business Entity Clarification) ends Thursday, June 5, 2014, at 2200 UTC.
May 29, 2014 by Ben WilsonNotes of Teleconference – CABF – 29 May 2014 1. Antitrust Statement: Read by Ben. 2. Agenda was reviewed. 3. Roll Call: Ryan Sleevi, Ben Wilson, Atsushi Inaba, Moudrick Dadashov, Rick Andrews, Atilla Biler, Kirk Hall, Mert Ozarar, Dean Coclin, Jeremy Rowley, Marcelo Silva, Cecilia Kam, Doug Beattie, Joe Kaluzny, Robin Alden, Kelvin Yiu, Geoff Keating, Rich Smith, Stephen Davidson, 4. Minutes of teleconference of 15-May-2014 were approved. 5. Ballot review: Voting on Ballot 120 (Affiliate Approval of Domain) and Ballot 124 (Business Entity Clarification) ends Thursday, June 5, 2014, at 2200 UTC.
Ballot 122 – Verified Method of Communication (failed)
May 8, 2014 by Ben WilsonBallot 122 – Verified Method of Communication Voting on Ballot 122 closed. We received “yes” votes from Actalis, Buypass, Comodo, DigiCert, GlobalSign, GoDaddy, Izenpe, Logius PKIoverheid, QuoVadis, SECOM, Symantec, Trend Micro, Trustis, TURKTRUST, Visa, and WoSign OpenTrust and SSC abstained. Mozilla and Microsoft voted “no.” Therefore, Ballot 122 did not pass. The EV Guidelines Working Group has completed its review of Section 11.4.2 of the EV Guidelines (Telephone Number for Applicant’s Place of Business).
May 8, 2014 by Ben WilsonBallot 122 – Verified Method of Communication Voting on Ballot 122 closed. We received “yes” votes from Actalis, Buypass, Comodo, DigiCert, GlobalSign, GoDaddy, Izenpe, Logius PKIoverheid, QuoVadis, SECOM, Symantec, Trend Micro, Trustis, TURKTRUST, Visa, and WoSign OpenTrust and SSC abstained. Mozilla and Microsoft voted “no.” Therefore, Ballot 122 did not pass. The EV Guidelines Working Group has completed its review of Section 11.4.2 of the EV Guidelines (Telephone Number for Applicant’s Place of Business).