CA/Browser Forum posts
Posts by author Corey Bonnell
2023-02-09 Minutes of the Code Signing Certificate Working Group
February 9, 2023 by Corey BonnellAttendeesAndrea Holland (VikingCloud), Atsushi Inaba (GlobalSign), Ben Dewberry (Keyfactor), Brianca Martin (Amazon Trust Services), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Mohit Kumar (GlobalSign), Roberto Quinones (Intel), Rollin Yu (TrustAsia), Tim Crawford (WebTrust), Tim Hollebeek (DigiCert) Minutes Antitrust statement read Approval of minutes: Jan 26th minutes have not been sent out Ballot: Malware base revocation (Martijn) Received some pushback on the mailing list.
February 9, 2023 by Corey BonnellAttendeesAndrea Holland (VikingCloud), Atsushi Inaba (GlobalSign), Ben Dewberry (Keyfactor), Brianca Martin (Amazon Trust Services), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Mohit Kumar (GlobalSign), Roberto Quinones (Intel), Rollin Yu (TrustAsia), Tim Crawford (WebTrust), Tim Hollebeek (DigiCert) Minutes Antitrust statement read Approval of minutes: Jan 26th minutes have not been sent out Ballot: Malware base revocation (Martijn) Received some pushback on the mailing list.
2023-01-26 Minutes of the Code Signing Certificate Working Group
January 26, 2023 by Corey BonnellAttendeesAndrea Holland (VikingCloud), Atsushi Inaba (GlobalSign), Ben Dewberry (Keyfactor), Brianca Martin (Amazon Trust Services), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Janet Hines (VikingCloud), Martijn Katerbarg (Sectigo), Roberto Quinones (Intel), Tim Hollebeek (DigiCert), Trevoli (Amazon Trust Services) Minutes Antitrust statement read Approval of minutes: Minutes for 12 January 2023 approved Ballot: Malware base revocation (Martijn) Some discussion and need to get feedback into Github before the end of the week.
January 26, 2023 by Corey BonnellAttendeesAndrea Holland (VikingCloud), Atsushi Inaba (GlobalSign), Ben Dewberry (Keyfactor), Brianca Martin (Amazon Trust Services), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Janet Hines (VikingCloud), Martijn Katerbarg (Sectigo), Roberto Quinones (Intel), Tim Hollebeek (DigiCert), Trevoli (Amazon Trust Services) Minutes Antitrust statement read Approval of minutes: Minutes for 12 January 2023 approved Ballot: Malware base revocation (Martijn) Some discussion and need to get feedback into Github before the end of the week.
2023-01-12 Minutes of the Code Signing Certificate Working Group
January 12, 2023 by Corey BonnellAttendees Atsushi Inaba, Ben Dewberry, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Inigo Barreira, Janet Hines, Martijn Katerbarg, Michael Sykes, Mohit Kumar, Rollin Yu, Tim Crawford Minutes Minute Taker: Janet Hines. Antitrust statement was read by Dean Coclin. Approved minutes from December 15, 2022 meeting. Ballot around malware revocation Alternate language is being reviewed. Will update on next call. Signing service discussion No updates. Removing SSL BR references Section 7.1.4.2.3 had several BR references that need more discussion.
January 12, 2023 by Corey BonnellAttendees Atsushi Inaba, Ben Dewberry, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Inigo Barreira, Janet Hines, Martijn Katerbarg, Michael Sykes, Mohit Kumar, Rollin Yu, Tim Crawford Minutes Minute Taker: Janet Hines. Antitrust statement was read by Dean Coclin. Approved minutes from December 15, 2022 meeting. Ballot around malware revocation Alternate language is being reviewed. Will update on next call. Signing service discussion No updates. Removing SSL BR references Section 7.1.4.2.3 had several BR references that need more discussion.
2022-12-15 Minutes of the Code Signing Certificate Working Group
December 15, 2022 by Corey BonnellAttendees Andrea Holland, Brianca Martin, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Inigo Barreira, Michael Sykes Mohit Kumar, Rollin Yu, Tim Crawford, Trevoli Ponds-White Minutes Antitrust statement was read. Minutes approved for last meeting 1-Dec-22 and F2F. There was discussion on how we can make minutes more effective – in general with a suggestion on recapping along discussion by chair or minute taker for summary. Ballot around Malware protection Updates made to draft to suggest that subscriber can provide a different date based on impact.
December 15, 2022 by Corey BonnellAttendees Andrea Holland, Brianca Martin, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Inigo Barreira, Michael Sykes Mohit Kumar, Rollin Yu, Tim Crawford, Trevoli Ponds-White Minutes Antitrust statement was read. Minutes approved for last meeting 1-Dec-22 and F2F. There was discussion on how we can make minutes more effective – in general with a suggestion on recapping along discussion by chair or minute taker for summary. Ballot around Malware protection Updates made to draft to suggest that subscriber can provide a different date based on impact.
2022-12-01 Minutes of the Code Signing Certificate Working Group
December 1, 2022 by Corey BonnellAttendees Andrea Holland – (SecureTrust), Bruce Morton – (Entrust), Corey Bonnell – (DigiCert), Dean Coclin – (DigiCert), Dimitris Zacharopoulos – (HARICA), Ian McMillan – (Microsoft), Inaba Atsushi – (GlobalSign), Janet Hines – (SecureTrust), Martijn Katerbarg – (Sectigo), Roberto Quionones – (Intel), Tim Crawford – (CPA Canada/WebTrust), Tim Hollebeek – (DigiCert), Tomas Gustavsson – (PrimeKey), Trevoli Ponds-White – (Amazon) Minutes The Anti-trust statement was read Minutes of the last call were approved.
December 1, 2022 by Corey BonnellAttendees Andrea Holland – (SecureTrust), Bruce Morton – (Entrust), Corey Bonnell – (DigiCert), Dean Coclin – (DigiCert), Dimitris Zacharopoulos – (HARICA), Ian McMillan – (Microsoft), Inaba Atsushi – (GlobalSign), Janet Hines – (SecureTrust), Martijn Katerbarg – (Sectigo), Roberto Quionones – (Intel), Tim Crawford – (CPA Canada/WebTrust), Tim Hollebeek – (DigiCert), Tomas Gustavsson – (PrimeKey), Trevoli Ponds-White – (Amazon) Minutes The Anti-trust statement was read Minutes of the last call were approved.
2022-11-17 Minutes of the Code Signing Certificate Working Group
November 17, 2022 by Corey BonnellAttendees Atsushi Inaba (GobalSign), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Joanna Fox (Trustcor), Martijn Katerberg (Sectigo), Roberto Quinones (Intel), Tim Crawford (BDO), Tomas Gustavsson, Trevoli Ponds-White (Amazon Trust Services) Minutes Antitrust statement was read. Minutes from 25 October are not yet available. Minutes from 3 November were approved. Ballot: Signing Service Update – The draft text has been recirculated. Dimitris has some comments on the ETSI Time-stamping audit requirements.
November 17, 2022 by Corey BonnellAttendees Atsushi Inaba (GobalSign), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Joanna Fox (Trustcor), Martijn Katerberg (Sectigo), Roberto Quinones (Intel), Tim Crawford (BDO), Tomas Gustavsson, Trevoli Ponds-White (Amazon Trust Services) Minutes Antitrust statement was read. Minutes from 25 October are not yet available. Minutes from 3 November were approved. Ballot: Signing Service Update – The draft text has been recirculated. Dimitris has some comments on the ETSI Time-stamping audit requirements.
2022-11-03 Minutes of the Code Signing Certificate Working Group
November 3, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Mohit Kumar, Tim Crawford, Tim Hollebeek, Tomas Gustavsson Minutes Dean read the antitrust statement. Signing Service Ballot Bruce said that he received no further feedback and would like to push this to ballot. Tim and Ian offered to review and endorse, barring any issues found. Dimitris mentioned that one of the takeaways from the F2F was that there is ETSI guidance for remote QSCDs for activation and we should consider incorporating.
November 3, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Mohit Kumar, Tim Crawford, Tim Hollebeek, Tomas Gustavsson Minutes Dean read the antitrust statement. Signing Service Ballot Bruce said that he received no further feedback and would like to push this to ballot. Tim and Ian offered to review and endorse, barring any issues found. Dimitris mentioned that one of the takeaways from the F2F was that there is ETSI guidance for remote QSCDs for activation and we should consider incorporating.
2022-10-06 Minutes of the Code Signing Certificate Working Group
October 6, 2022 by Corey BonnellAttendees Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Michael Sykes (SSL.com), Mohit Kumar (GlobalSign) Minutes Antitrust statement was read. Approval of prior meeting minutes: Minutes for 22 September 2022 were approved. Ballot Status: CSC 15: IPR review ended 18 September 2022, so is now complete. CSC 17: Passed and is not in IPR period until 27 October 2022.
October 6, 2022 by Corey BonnellAttendees Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Michael Sykes (SSL.com), Mohit Kumar (GlobalSign) Minutes Antitrust statement was read. Approval of prior meeting minutes: Minutes for 22 September 2022 were approved. Ballot Status: CSC 15: IPR review ended 18 September 2022, so is now complete. CSC 17: Passed and is not in IPR period until 27 October 2022.
Ballot CSC-17: Subscriber Private Key Extension
September 27, 2022 by Corey BonnellNotice of Review Period (Mailing list post is available here.) The IPR review period ended on October 28, 2022 and no exclusion notices were filed. The final documents, with the effective date being 2022-10-28, are available here. This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period is for a Final Maintenance Guideline (30 day Review Period). The complete Draft Guideline subject of this Review Notice is available here.
September 27, 2022 by Corey BonnellNotice of Review Period (Mailing list post is available here.) The IPR review period ended on October 28, 2022 and no exclusion notices were filed. The final documents, with the effective date being 2022-10-28, are available here. This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period is for a Final Maintenance Guideline (30 day Review Period). The complete Draft Guideline subject of this Review Notice is available here.
2022-09-22 Minutes of the Code Signing Certificate Working Group
September 22, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Joanna Fox, Martijn Katerbarg, Michael Sykes, Roberto Quiñones, Tim Crawford, Tim Hollebeek Minutes Dean read the anti-trust statement No objection to minutes from Aug 8, minutes approved. Will be sent to public list Information that the IPR review on CSC-15 ended and the ballot has been approved. The website has been updated. CSC-17, subscriber private key protection, is in voting period that closes September 23rd.
September 22, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Joanna Fox, Martijn Katerbarg, Michael Sykes, Roberto Quiñones, Tim Crawford, Tim Hollebeek Minutes Dean read the anti-trust statement No objection to minutes from Aug 8, minutes approved. Will be sent to public list Information that the IPR review on CSC-15 ended and the ballot has been approved. The website has been updated. CSC-17, subscriber private key protection, is in voting period that closes September 23rd.