CA/Browser Forum posts
Posts by author Ben Wilson
Minutes of the F2F 30 Meeting in Ankara, Turkey, 24-26 September 2013
September 25, 2013 by Ben WilsonNotes of Face-to-Face Meeting in Ankara** **Sep. 25, Wednesday, and Sep. 26, Thursday, 2013 Present: Ben Wilson, Gerv Markham, Rick Andrews, Arno Fiedler, Moudrick Dadshov, Dean Coclin, Jeremy Rowley, Merve Baş, Emrah Durmaz, Davut Tokgöz, Richard Wang, Steve Roylance, Giichi Ishii, Atsushi Inaba, Tom Albertson, Sigbjorn Vik, Mert Özarar, Atilla Biler, Cornelia Enke, Robin Alden, Don Sheehy, Atilla Biler, Mert Ozarar, Melis Avci, Burak Kirimer, Imren Altepe, Onur Kocak, Çiğdem Altin, Yüksel Günaydin, Emrah Günel, Deniz Atak
September 25, 2013 by Ben WilsonNotes of Face-to-Face Meeting in Ankara** **Sep. 25, Wednesday, and Sep. 26, Thursday, 2013 Present: Ben Wilson, Gerv Markham, Rick Andrews, Arno Fiedler, Moudrick Dadshov, Dean Coclin, Jeremy Rowley, Merve Baş, Emrah Durmaz, Davut Tokgöz, Richard Wang, Steve Roylance, Giichi Ishii, Atsushi Inaba, Tom Albertson, Sigbjorn Vik, Mert Özarar, Atilla Biler, Cornelia Enke, Robin Alden, Don Sheehy, Atilla Biler, Mert Ozarar, Melis Avci, Burak Kirimer, Imren Altepe, Onur Kocak, Çiğdem Altin, Yüksel Günaydin, Emrah Günel, Deniz Atak
2013-09-19 Minutes
September 19, 2013 by Ben WilsonNotes of meeting CAB Forum 19 September 2013 Version 1 1. Present: Dean Coclin, Mert Ozarar, Atilla Biler, Ben Wilson, Sigbjorn Vik, Eddy Nigg, Atsushi Inaba, Mads Henriksveen, Sissel Hoel, Rick Andrews, Geoff Keating, Robin Alden, Cornelia Enke, Jeremy Rowley, Gerv Markham 2. Agenda: Approved 3. Minutes: Minutes from 5 Sept. 2013 approved. 4.Discussion of Face-to-Face Meeting Agenda: We should probably discuss a little about the NYT/Guardian article on NSA/GCHQ. What is the global perspective on this?
September 19, 2013 by Ben WilsonNotes of meeting CAB Forum 19 September 2013 Version 1 1. Present: Dean Coclin, Mert Ozarar, Atilla Biler, Ben Wilson, Sigbjorn Vik, Eddy Nigg, Atsushi Inaba, Mads Henriksveen, Sissel Hoel, Rick Andrews, Geoff Keating, Robin Alden, Cornelia Enke, Jeremy Rowley, Gerv Markham 2. Agenda: Approved 3. Minutes: Minutes from 5 Sept. 2013 approved. 4.Discussion of Face-to-Face Meeting Agenda: We should probably discuss a little about the NYT/Guardian article on NSA/GCHQ. What is the global perspective on this?
Version 1.1.6 Baseline Requirements Now Posted
September 4, 2013 by Ben WilsonVersion 1.1.6 Baseline Requirements has now been posted to the CA/Browser Forum website. You can find a link to the updated version here.
September 4, 2013 by Ben WilsonVersion 1.1.6 Baseline Requirements has now been posted to the CA/Browser Forum website. You can find a link to the updated version here.
CA/B Forum Welcomes New Members
September 2, 2013 by Ben WilsonSince May 2013, five new Certificate Authorities have joined the CA/Browser Forum. We welcome the following global companies: AS Sertifitseerimiskeskus Disig, a.s. Firmaprofesional Prvni certifikacni autorita, a.s. WoSign Each new member has met the CA/B Forum requirements in issuing publicly trusted SSL certificates, undergoing a 3rd party audit, and has signed the Intellectual Property Rights (IPR) policy. The new members represent geographically diverse Certificate Authorities from Estonia, Slovakia, Spain, Czech Republic and China.
September 2, 2013 by Ben WilsonSince May 2013, five new Certificate Authorities have joined the CA/Browser Forum. We welcome the following global companies: AS Sertifitseerimiskeskus Disig, a.s. Firmaprofesional Prvni certifikacni autorita, a.s. WoSign Each new member has met the CA/B Forum requirements in issuing publicly trusted SSL certificates, undergoing a 3rd party audit, and has signed the Intellectual Property Rights (IPR) policy. The new members represent geographically diverse Certificate Authorities from Estonia, Slovakia, Spain, Czech Republic and China.
Welcome to the CA/Browser Forum
September 2, 2013 by Ben WilsonWelcome to the CA/Browser Forum. Organized in 2005, we are a voluntary group of certification authorities (CAs), vendors of Internet browser software, and suppliers of other applications that use X.509 v.3 digital certificates for SSL/TLS and code signing. The CA/Browser Forum began in 2005 as part of an effort among certification authorities and browser software vendors to provide greater assurance to Internet users about the websites they visit by leveraging the capabilities of SSL/TLS certificates.
September 2, 2013 by Ben WilsonWelcome to the CA/Browser Forum. Organized in 2005, we are a voluntary group of certification authorities (CAs), vendors of Internet browser software, and suppliers of other applications that use X.509 v.3 digital certificates for SSL/TLS and code signing. The CA/Browser Forum began in 2005 as part of an effort among certification authorities and browser software vendors to provide greater assurance to Internet users about the websites they visit by leveraging the capabilities of SSL/TLS certificates.
2013-08-22 Minutes
August 22, 2013 by Ben WilsonNotes of meeting CAB Forum 22 August 2013 Version 1 1. Present: Dean Coclin, Atsushi Inaba, Ben Wilson, Mads Henriksveen, Sissel Hoel, Kirk Hall, Eddy Nigg, Atilla Biler, Mert Ozarar, Rick Andrews, Geoff Keating, Gerv Markham, Stephen Davidson, Wayne Thayer 2. Agenda review: Approved as published. **3. Minutes: ** The minutes of August 8, 2013, were approved as published. 4. Ballots: No ballot voting processes are pending. However, the following ballots are being revised and will be re-presented for voting: Ballot 89 (EV Processing Recommendations), 103 (clarification on OCSP Stapling), 107 (removal of specific version numbers and URLs), and 108 (definition of SSL certificate scope).
August 22, 2013 by Ben WilsonNotes of meeting CAB Forum 22 August 2013 Version 1 1. Present: Dean Coclin, Atsushi Inaba, Ben Wilson, Mads Henriksveen, Sissel Hoel, Kirk Hall, Eddy Nigg, Atilla Biler, Mert Ozarar, Rick Andrews, Geoff Keating, Gerv Markham, Stephen Davidson, Wayne Thayer 2. Agenda review: Approved as published. **3. Minutes: ** The minutes of August 8, 2013, were approved as published. 4. Ballots: No ballot voting processes are pending. However, the following ballots are being revised and will be re-presented for voting: Ballot 89 (EV Processing Recommendations), 103 (clarification on OCSP Stapling), 107 (removal of specific version numbers and URLs), and 108 (definition of SSL certificate scope).
Ballot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines
August 9, 2013 by Ben WilsonBallot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines (Withdrawn) Mads Henriksveen made the following motion, and Inigo Barreira from Izenpe and Kirk Hall from Trend Micro endorsed it: Motion Begins Baseline Requirements (BR) Document History Implementers’ Note: Version 1.1 of these SSL Baseline Requirements was published on September 14, 2012. Version 1.1 of WebTrust’s SSL Baseline Audit Criteria and ETSI Technical Standard Electronic Signatures and Infrastructures (ESI) 102 042 version 2.
August 9, 2013 by Ben WilsonBallot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines (Withdrawn) Mads Henriksveen made the following motion, and Inigo Barreira from Izenpe and Kirk Hall from Trend Micro endorsed it: Motion Begins Baseline Requirements (BR) Document History Implementers’ Note: Version 1.1 of these SSL Baseline Requirements was published on September 14, 2012. Version 1.1 of WebTrust’s SSL Baseline Audit Criteria and ETSI Technical Standard Electronic Signatures and Infrastructures (ESI) 102 042 version 2.
2013-08-08 Minutes
August 8, 2013 by Ben WilsonNotes of meeting CAB Forum 8 August 2013 Version 1 1. Present: Atsushi Inaba, Ben Wilson, Jeremy Rowley, Wayne Thayer, Kirk Hall, Eddy Nigg, Richard Wang, Steve Roylance, Dean Coclin, Robin Alden, Connie Enke, Rick Andrews, Ryan Sleevi 2. Agenda review: Approved as published. Steve asked that the latest version of the EV Guidelines be posted to the website. Ben and Wayne will coordinate after the call to get the current version up.
August 8, 2013 by Ben WilsonNotes of meeting CAB Forum 8 August 2013 Version 1 1. Present: Atsushi Inaba, Ben Wilson, Jeremy Rowley, Wayne Thayer, Kirk Hall, Eddy Nigg, Richard Wang, Steve Roylance, Dean Coclin, Robin Alden, Connie Enke, Rick Andrews, Ryan Sleevi 2. Agenda review: Approved as published. Steve asked that the latest version of the EV Guidelines be posted to the website. Ben and Wayne will coordinate after the call to get the current version up.
Ballot 108 – Defining the Scope of the Baseline Requirements
August 6, 2013 by Ben WilsonBallot 108 – Defining the Scope of the Baseline Requirements (Withdrawn) Motion Jeremy Rowley made the following motion, and Stephen Davidson and Geoff Keating endorsed it: Motion Begins Amend Section 1 of the Baseline Requirements as follows: The Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates describe a subset of the requirements that a Certification Authority must meet in order to issue Publicly Trusted Certificates. Except where explicitly stated otherwise, these requirements apply only to relevant events that occur on or after the Effective Date.
August 6, 2013 by Ben WilsonBallot 108 – Defining the Scope of the Baseline Requirements (Withdrawn) Motion Jeremy Rowley made the following motion, and Stephen Davidson and Geoff Keating endorsed it: Motion Begins Amend Section 1 of the Baseline Requirements as follows: The Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates describe a subset of the requirements that a Certification Authority must meet in order to issue Publicly Trusted Certificates. Except where explicitly stated otherwise, these requirements apply only to relevant events that occur on or after the Effective Date.
Ballot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates
August 6, 2013 by Ben WilsonBallot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates (Withdrawn) Motion Given that several CAs have notified the CA/Browser Forum that they will be unable to comply with the 1-August-2013 deadline by which OCSP responders MUST NOT respond with a “good” status for unissued certificates, and that a one-year extension of this deadline is an appropriate timeframe by which these CAs should be able to come into compliance;
August 6, 2013 by Ben WilsonBallot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates (Withdrawn) Motion Given that several CAs have notified the CA/Browser Forum that they will be unable to comply with the 1-August-2013 deadline by which OCSP responders MUST NOT respond with a “good” status for unissued certificates, and that a one-year extension of this deadline is an appropriate timeframe by which these CAs should be able to come into compliance;