CA/Browser Forum posts
Posts by author Corey Bonnell
2022-09-08 Minutes of the Code Signing Certificate Working Group
September 8, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Iñigo Barreira, Janet Hines, Joanna Fox, Martjin Katerbarg, Michael Sykes, Mohit Kumar, Roberto Quiñones, Tim Hollebeek, Tomas Gustavsson, Vijay eMudhra Minutes Dean read the anti-trust statement. No objection to minutes from Aug-25th, minutes approved. Will be sent to public list. Reminder on CSC 15 , IPR review ends on Sept 18th Malware Proposal from Martijn Nothing new to discuss at this time.
September 8, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Iñigo Barreira, Janet Hines, Joanna Fox, Martjin Katerbarg, Michael Sykes, Mohit Kumar, Roberto Quiñones, Tim Hollebeek, Tomas Gustavsson, Vijay eMudhra Minutes Dean read the anti-trust statement. No objection to minutes from Aug-25th, minutes approved. Will be sent to public list. Reminder on CSC 15 , IPR review ends on Sept 18th Malware Proposal from Martijn Nothing new to discuss at this time.
2022-08-25 Minutes of the Code Signing Certificate Working Group
August 25, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Christophe Bonjean, Corey Bonnell, Ian McMillan, Inigo Barreira, Janet Hines, Joanna Fox, Lynn Jeun, Martijn Katerbarg, Mohit Kumar, Tim Crawford, Tim Hollebeek Minutes Bruce read the anti-trust statement. Meeting minutes for 2022-08-11 were approved. Malware revocation ballot Martijn said there were updates in Github (https://github.com/cabforum/code-signing/pull/10). Christophe and Corey have been providing feedback. There was a discussion on the existing sentence “The CA SHOULD indicate whether its investigation found that the Suspect Code was a false positive or an inadvertent signing”.
August 25, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Christophe Bonjean, Corey Bonnell, Ian McMillan, Inigo Barreira, Janet Hines, Joanna Fox, Lynn Jeun, Martijn Katerbarg, Mohit Kumar, Tim Crawford, Tim Hollebeek Minutes Bruce read the anti-trust statement. Meeting minutes for 2022-08-11 were approved. Malware revocation ballot Martijn said there were updates in Github (https://github.com/cabforum/code-signing/pull/10). Christophe and Corey have been providing feedback. There was a discussion on the existing sentence “The CA SHOULD indicate whether its investigation found that the Suspect Code was a false positive or an inadvertent signing”.
Ballot CSC-15 – Summer 2022 Cleanup
August 18, 2022 by Corey BonnellResults of Review Period (Mailing list post is available here.) The IPR review period ended on September 19, 2022 and no exclusion notices were filed. The final documents, with the effective date being 2022-09-19, are available here. This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period is for a Final Maintenance Guideline (30 day Review Period). The complete Draft Guideline subject of this Review Notice is available here.
August 18, 2022 by Corey BonnellResults of Review Period (Mailing list post is available here.) The IPR review period ended on September 19, 2022 and no exclusion notices were filed. The final documents, with the effective date being 2022-09-19, are available here. This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period is for a Final Maintenance Guideline (30 day Review Period). The complete Draft Guideline subject of this Review Notice is available here.
2022-08-11 Minutes of the Code Signing Certificate Working Group
August 11, 2022 by Corey BonnellAttendees Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Lynn Jeun, Martijn Katerbarg, Michael Sykes, Tomas Gustavsson Minutes Anti-Trust Statement read by Dean Prior meeting minutes fron July 28, 2022 are approved without objection or comment. CSC-15 Ballot Status Voting period closed and Dean will be announcing the results. Next steps to send out for IPR. Signing Service Proposed Ballot Update Bruce is waiting for the CSC-15 ballot to clear before proceeding.
August 11, 2022 by Corey BonnellAttendees Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Lynn Jeun, Martijn Katerbarg, Michael Sykes, Tomas Gustavsson Minutes Anti-Trust Statement read by Dean Prior meeting minutes fron July 28, 2022 are approved without objection or comment. CSC-15 Ballot Status Voting period closed and Dean will be announcing the results. Next steps to send out for IPR. Signing Service Proposed Ballot Update Bruce is waiting for the CSC-15 ballot to clear before proceeding.
2022-07-28 Minutes of the Code Signing Certificate Working Group
July 28, 2022 by Corey BonnellAttendees Andrea Holland (SecureTrust), Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Dean Coclin (DigiCert), Joanna Fox (TrustCor), Martijn Katerbarg (Sectigo), Michael Sykes (SSL.com), Mohit Kumar (GlobalSign), Tim Crawford (CPA Canada/WebTrust) Minutes Antitrust Statement: Read by Dean Coclin Minute Taker: Tim Crawford No comments on minutes from 7/14/2022, minutes approved Welcome back Bruce Membership Visa has applied as an interested party. It was noted Visa is a CAB Forum member and an agreement is in place.
July 28, 2022 by Corey BonnellAttendees Andrea Holland (SecureTrust), Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Dean Coclin (DigiCert), Joanna Fox (TrustCor), Martijn Katerbarg (Sectigo), Michael Sykes (SSL.com), Mohit Kumar (GlobalSign), Tim Crawford (CPA Canada/WebTrust) Minutes Antitrust Statement: Read by Dean Coclin Minute Taker: Tim Crawford No comments on minutes from 7/14/2022, minutes approved Welcome back Bruce Membership Visa has applied as an interested party. It was noted Visa is a CAB Forum member and an agreement is in place.
2022-07-14 Minutes of the Code Signing Certificate Working Group
July 14, 2022 by Corey BonnellAttendees Atsushi Inaba, Corey Bonnell, Dean Coclin, Inigo Barreira, Janet Hines, Joanna Fox, Michael Sykes, Roberto Quinones, Tim Crawford, and Tim Hollebeek Minutes Minute Taker: Janet Antitrust statement was read by Dean Coclin Approved minutes from June 30, 2022 meeting Signing service discussion No additional discussion – Waiting on Bruce to get back. Timestamping Corey will work on a draft ballot for the Pandoc typographical errors. We will need further discussion before we begin a draft ballot on timestamping.
July 14, 2022 by Corey BonnellAttendees Atsushi Inaba, Corey Bonnell, Dean Coclin, Inigo Barreira, Janet Hines, Joanna Fox, Michael Sykes, Roberto Quinones, Tim Crawford, and Tim Hollebeek Minutes Minute Taker: Janet Antitrust statement was read by Dean Coclin Approved minutes from June 30, 2022 meeting Signing service discussion No additional discussion – Waiting on Bruce to get back. Timestamping Corey will work on a draft ballot for the Pandoc typographical errors. We will need further discussion before we begin a draft ballot on timestamping.
2022-06-30 Minutes of the Code Signing Certificate Working Group
June 30, 2022 by Corey BonnellAttendees Andrea Holland (SecureTrust), Atsushi Inaba (GlobalSign), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Janet Hines (SecureTrust), Joanna Fox (TrustCor), Martijn Katerbarg (Sectigo), Roberto Quinones (Intel), Tim Crawford (CPA Canada/WebTrust) Minutes Antitrust Statement: Read by Dean Coclin Minute Taker: Martijn Katerbarg Minutes of the June F2F meeting were approved Signing Service discussion (continued) With Bruce being absent from this meeting and having worked a great deal on this item, the group decided to hold off on discussing this item.
June 30, 2022 by Corey BonnellAttendees Andrea Holland (SecureTrust), Atsushi Inaba (GlobalSign), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Janet Hines (SecureTrust), Joanna Fox (TrustCor), Martijn Katerbarg (Sectigo), Roberto Quinones (Intel), Tim Crawford (CPA Canada/WebTrust) Minutes Antitrust Statement: Read by Dean Coclin Minute Taker: Martijn Katerbarg Minutes of the June F2F meeting were approved Signing Service discussion (continued) With Bruce being absent from this meeting and having worked a great deal on this item, the group decided to hold off on discussing this item.
Ballot CSC-14 – Convert Code Signing Baseline Requirements to RFC 3647 Framework
May 26, 2022 by Corey BonnellResults of Review Period (Mailing list post is available here.) The IPR review period ended on June 25, 2022 and no exclusion notices were filed. The final documents, with the effective date being 2022-06-29, are available here. Summary of Review Ballot for Review Ballot CSC-14 – Convert Code Signing Baseline Requirements to RFC 3647 Framework Start of Review Period 26 May 2022 at 18:00 UTC End of Review Period 25 June 2022 at 18:00 UTC Members with any Essential Claim(s) to exclude must forward a written Notice to Exclude Essential Claims to the Working Group Chair (email to ) and also submit a copy to the CA/B Forum public mailing list (email to ) before the end of the Review Period.
May 26, 2022 by Corey BonnellResults of Review Period (Mailing list post is available here.) The IPR review period ended on June 25, 2022 and no exclusion notices were filed. The final documents, with the effective date being 2022-06-29, are available here. Summary of Review Ballot for Review Ballot CSC-14 – Convert Code Signing Baseline Requirements to RFC 3647 Framework Start of Review Period 26 May 2022 at 18:00 UTC End of Review Period 25 June 2022 at 18:00 UTC Members with any Essential Claim(s) to exclude must forward a written Notice to Exclude Essential Claims to the Working Group Chair (email to ) and also submit a copy to the CA/B Forum public mailing list (email to ) before the end of the Review Period.
2022-05-19 Minutes of the Code Signing Certificate Working Group
May 19, 2022 by Corey BonnellAttendees Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Joanna Fox, Michael Sykes, Tomas Gustavsson Minutes Minute-taker: Corey Dean read the anti-trust statement. Minutes of the 2022-05-05 meeting were approved. CSC-13 This ballot went through IPR and v2.8 has been published with an effective date of May 9th. The normative changes in the ballot are effective November 15th. CSC-14 Voting Bruce noted that we have already reached quorum.
May 19, 2022 by Corey BonnellAttendees Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Joanna Fox, Michael Sykes, Tomas Gustavsson Minutes Minute-taker: Corey Dean read the anti-trust statement. Minutes of the 2022-05-05 meeting were approved. CSC-13 This ballot went through IPR and v2.8 has been published with an effective date of May 9th. The normative changes in the ballot are effective November 15th. CSC-14 Voting Bruce noted that we have already reached quorum.
2022-05-05 Minutes of the Code Signing Certificate Working Group
May 5, 2022 by Corey BonnellAttendees Atsushi Inaba, Ben Wilson, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Joanna Fox, Martijn Katerbarg, Michael Sykes, Tim Crawford Minutes Minute Taker: Dean Antitrust statement was read Prior meeting minutes of April 21st, approved. CSC-13 Subscriber Private Key Protection Ballot (Bruce) No IPR review responses have been received and once period ends tomorrow, a notice will go out to all. CSC-14 Format changes (Corey) No issues have been flagged with the ballot so the discussion period will be kicked off next week.
May 5, 2022 by Corey BonnellAttendees Atsushi Inaba, Ben Wilson, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Joanna Fox, Martijn Katerbarg, Michael Sykes, Tim Crawford Minutes Minute Taker: Dean Antitrust statement was read Prior meeting minutes of April 21st, approved. CSC-13 Subscriber Private Key Protection Ballot (Bruce) No IPR review responses have been received and once period ends tomorrow, a notice will go out to all. CSC-14 Format changes (Corey) No issues have been flagged with the ballot so the discussion period will be kicked off next week.