CA/Browser Forum posts
Posts by author Corey Bonnell
2023-01-26 Minutes of the Code Signing Certificate Working Group
January 26, 2023 by Corey BonnellAttendeesAndrea Holland (VikingCloud), Atsushi Inaba (GlobalSign), Ben Dewberry (Keyfactor), Brianca Martin (Amazon Trust Services), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Janet Hines (VikingCloud), Martijn Katerbarg (Sectigo), Roberto Quinones (Intel), Tim Hollebeek (DigiCert), Trevoli (Amazon Trust Services) Minutes Antitrust statement read Approval of minutes: Minutes for 12 January 2023 approved Ballot: Malware base revocation (Martijn) Some discussion and need to get feedback into Github before the end of the week. Bruce stated he would endorse after review. Ian is the other endorser. Ballot: Signing Service Update (Bruce) Bruce is having difficulty with Github to move the ballot forward. Martijn volunteered to help out. Ben asked for the procedure to give feedback, which can be done in Github or the mailing list Tim H would like to see the mailing list used more often Dean will check status of Ben in the mailing list Ben started a discussion about multi-factor for Signing Service. We need to come up with a way to discuss how this can be done. Ian indicated that the proposed change allows for secure server-to-server communication, but does not provide details Ballot: Remove SSL BR References (Dimitris) Dimitris stated work has been done and has been reviewed with Martijn, now need to review with the group Dean suggested we add to the F2F meeting, but we decided to review in the meeting Dimitris added “Editor” notes for review Dimitris has imported text from SSL BRs where no text is in the CSBRs Inigo is concerned about conflicts between BRs, but Tim H advised that concerned CAs work in multiple working groups Bruce suggested that it would be good if we had the “BR of BRs” to cover common items There was discussion about updates to definitions and references Decided not to import 4.2.1 from SSL BRs There was a discussion about importing SubCA revocation and misalignment of paragraphs. It was suggested this could be fixed with the revocation ballot or another future ballot. Decided to add in OCSP “3600 seconds” change with an effective date For Suspension, decided to add “No stipulation” and address in a future ballot. Other business F2F we have 1.5 hours scheduled Try to make a plan for the year at F2F Next Meeting – 9 February 2023 Adjourn
January 26, 2023 by Corey BonnellAttendeesAndrea Holland (VikingCloud), Atsushi Inaba (GlobalSign), Ben Dewberry (Keyfactor), Brianca Martin (Amazon Trust Services), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Janet Hines (VikingCloud), Martijn Katerbarg (Sectigo), Roberto Quinones (Intel), Tim Hollebeek (DigiCert), Trevoli (Amazon Trust Services) Minutes Antitrust statement read Approval of minutes: Minutes for 12 January 2023 approved Ballot: Malware base revocation (Martijn) Some discussion and need to get feedback into Github before the end of the week. Bruce stated he would endorse after review. Ian is the other endorser. Ballot: Signing Service Update (Bruce) Bruce is having difficulty with Github to move the ballot forward. Martijn volunteered to help out. Ben asked for the procedure to give feedback, which can be done in Github or the mailing list Tim H would like to see the mailing list used more often Dean will check status of Ben in the mailing list Ben started a discussion about multi-factor for Signing Service. We need to come up with a way to discuss how this can be done. Ian indicated that the proposed change allows for secure server-to-server communication, but does not provide details Ballot: Remove SSL BR References (Dimitris) Dimitris stated work has been done and has been reviewed with Martijn, now need to review with the group Dean suggested we add to the F2F meeting, but we decided to review in the meeting Dimitris added “Editor” notes for review Dimitris has imported text from SSL BRs where no text is in the CSBRs Inigo is concerned about conflicts between BRs, but Tim H advised that concerned CAs work in multiple working groups Bruce suggested that it would be good if we had the “BR of BRs” to cover common items There was discussion about updates to definitions and references Decided not to import 4.2.1 from SSL BRs There was a discussion about importing SubCA revocation and misalignment of paragraphs. It was suggested this could be fixed with the revocation ballot or another future ballot. Decided to add in OCSP “3600 seconds” change with an effective date For Suspension, decided to add “No stipulation” and address in a future ballot. Other business F2F we have 1.5 hours scheduled Try to make a plan for the year at F2F Next Meeting – 9 February 2023 Adjourn
2023-01-12 Minutes of the Code Signing Certificate Working Group
January 12, 2023 by Corey BonnellAttendees Atsushi Inaba, Ben Dewberry, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Inigo Barreira, Janet Hines, Martijn Katerbarg, Michael Sykes, Mohit Kumar, Rollin Yu, Tim Crawford
January 12, 2023 by Corey BonnellAttendees Atsushi Inaba, Ben Dewberry, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Inigo Barreira, Janet Hines, Martijn Katerbarg, Michael Sykes, Mohit Kumar, Rollin Yu, Tim Crawford
2022-12-15 Minutes of the Code Signing Certificate Working Group
December 15, 2022 by Corey BonnellAttendees Andrea Holland, Brianca Martin, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Inigo Barreira, Michael Sykes Mohit Kumar, Rollin Yu, Tim Crawford, Trevoli Ponds-White
December 15, 2022 by Corey BonnellAttendees Andrea Holland, Brianca Martin, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Inigo Barreira, Michael Sykes Mohit Kumar, Rollin Yu, Tim Crawford, Trevoli Ponds-White
2022-12-01 Minutes of the Code Signing Certificate Working Group
December 1, 2022 by Corey BonnellAttendees Andrea Holland – (SecureTrust), Bruce Morton – (Entrust), Corey Bonnell – (DigiCert), Dean Coclin – (DigiCert), Dimitris Zacharopoulos – (HARICA), Ian McMillan – (Microsoft), Inaba Atsushi – (GlobalSign), Janet Hines – (SecureTrust), Martijn Katerbarg – (Sectigo), Roberto Quionones – (Intel), Tim Crawford – (CPA Canada/WebTrust), Tim Hollebeek – (DigiCert), Tomas Gustavsson – (PrimeKey), Trevoli Ponds-White – (Amazon)
December 1, 2022 by Corey BonnellAttendees Andrea Holland – (SecureTrust), Bruce Morton – (Entrust), Corey Bonnell – (DigiCert), Dean Coclin – (DigiCert), Dimitris Zacharopoulos – (HARICA), Ian McMillan – (Microsoft), Inaba Atsushi – (GlobalSign), Janet Hines – (SecureTrust), Martijn Katerbarg – (Sectigo), Roberto Quionones – (Intel), Tim Crawford – (CPA Canada/WebTrust), Tim Hollebeek – (DigiCert), Tomas Gustavsson – (PrimeKey), Trevoli Ponds-White – (Amazon)
2022-11-17 Minutes of the Code Signing Certificate Working Group
November 17, 2022 by Corey BonnellAttendees Atsushi Inaba (GobalSign), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Joanna Fox (Trustcor), Martijn Katerberg (Sectigo), Roberto Quinones (Intel), Tim Crawford (BDO), Tomas Gustavsson, Trevoli Ponds-White (Amazon Trust Services)
November 17, 2022 by Corey BonnellAttendees Atsushi Inaba (GobalSign), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Joanna Fox (Trustcor), Martijn Katerberg (Sectigo), Roberto Quinones (Intel), Tim Crawford (BDO), Tomas Gustavsson, Trevoli Ponds-White (Amazon Trust Services)
2022-11-03 Minutes of the Code Signing Certificate Working Group
November 3, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Mohit Kumar, Tim Crawford, Tim Hollebeek, Tomas Gustavsson
November 3, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Mohit Kumar, Tim Crawford, Tim Hollebeek, Tomas Gustavsson
2022-10-06 Minutes of the Code Signing Certificate Working Group
October 6, 2022 by Corey BonnellAttendees Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Michael Sykes (SSL.com), Mohit Kumar (GlobalSign)
October 6, 2022 by Corey BonnellAttendees Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Michael Sykes (SSL.com), Mohit Kumar (GlobalSign)
Ballot CSC-17: Subscriber Private Key Extension
September 27, 2022 by Corey BonnellNotice of Review Period (Mailing list post is available here.)
September 27, 2022 by Corey BonnellNotice of Review Period (Mailing list post is available here.)
2022-09-22 Minutes of the Code Signing Certificate Working Group
September 22, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Joanna Fox, Martijn Katerbarg, Michael Sykes, Roberto Quiñones, Tim Crawford, Tim Hollebeek
September 22, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Joanna Fox, Martijn Katerbarg, Michael Sykes, Roberto Quiñones, Tim Crawford, Tim Hollebeek
2022-09-08 Minutes of the Code Signing Certificate Working Group
September 8, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Iñigo Barreira, Janet Hines, Joanna Fox, Martjin Katerbarg, Michael Sykes, Mohit Kumar, Roberto Quiñones, Tim Hollebeek, Tomas Gustavsson, Vijay eMudhra
September 8, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Iñigo Barreira, Janet Hines, Joanna Fox, Martjin Katerbarg, Michael Sykes, Mohit Kumar, Roberto Quiñones, Tim Hollebeek, Tomas Gustavsson, Vijay eMudhra