CA/Browser Forum

CA/Browser Forum posts

Posts by author Corey Bonnell

    2022-04-07 Minutes of the Code Signing Certificate Working Group
    April 7, 2022 by Corey BonnellAttendees Andrea Holland (SecureTrust), Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Corey Bonell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Joanna Fox (TrustCor), Mohit Kumar (GlobalSign), Tim Crawford (CPA Canada/WebTrust) Minute-taker: Tim Crawford Minutes Antitrust Statement: Read by Dean Minutes for the March 24th meetings were approved Interested party application from Insta Oy No comment was offered, and the application was accepted. Updates on Ballot CSC-13 – Private Key Protection Bruce mentioned that the ballot received eight (8) votes and is deemed to have passed.
    Ballot CSC-13 – Update to Subscriber Key Protection Requirements
    April 6, 2022 by Corey BonnellResults of Review Period (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2022-05-09, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, eMudhra, Entrust, HARICA, Sectigo, SSL.com Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot Update the subscriber private key protection requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.
    2022-03-24 Minutes of the Code Signing Certificate Working Group
    March 24, 2022 by Corey BonnellAttendees Atsushi Inaba (GlobalSign), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Corey Bonell (DigiCert), Dean Coclin (DigiCert), Dimitris Zacharopoulos (Harica), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Joanna Fox (TrustCor), Martijn Katerbarg (Sectigo), Michael Sykes (SSL.com), Mohit Kumar (GlobalSign), Thomas Gustavsson (PrimeKey), Tim Crawford (CPA Canada/WebTrust), Tim Hollebeek (DigiCert) Minutes Antitrust Statement: Read by Dean Minute Taker: Martijn Katerbarg Minutes of the February 24th (F2F) and March 10th meetings were approved Updates on ballot CSC-13 Bruce mentioned that the ballot is currently out for discussion.
    2022-03-10 Minutes of the Code Signing Certificate Working Group
    March 10, 2022 by Corey BonnellAttendees Atsushi Inaba – GlobalSign, Bruce Morton – Entrust, Corey Bonnell – DigiCert, Dean Coclin – DigiCert, Dimitris Zacharopoulos – HARICA, Ian McMillan – Microsoft, Inigo Barreira – Sectigo, Joanna Fox – TrustCor, Martin Katerberg – Sectigo, Michael Sykes – SSL.com, Mohit Kumar – GlobalSign, Roberto Quinones – Intel, Tim Hollebeek – DigiCert, Tomas Gustavsson Minutes Antitrust statement: read by Dean. Minutes: Approval of minutes from F2F on hold until people can review.
    Ballot CSC-6 – Update to Subscriber Private Key Protection Requirements
    March 2, 2022 by Corey BonnellResults of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers DigiCert, Entrust, GlobalSign, HARICA, SecureTrust Certificate Consumers Microsoft The ballot has FAILED. Purpose of the ballot Update the subscriber private key protection requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.7. The following motion has been proposed by Ian McMillan of Microsoft, and endorsed by Tim Hollebeek of DigiCert and Bruce Morton of Entrust.
    2022-02-10 Minutes of the Code Signing Certificate Working Group
    February 10, 2022 by Corey BonnellAttendees Andrea Holland – SecureTrust, Atsushi Inaba – GlobalSign, Bruce Morton – Entrust, Corey Bonnell – DigiCert, Dean Coclin – DigiCert, Dimitris Zacharopoulos – HARICA, Ian McMillan – Microsoft, Inigo Barreira – Sectigo, Roberto Quinones – Intel, Tim Crawford – WebTrust Minutes Chris Kemmerer “volunteered” by Dean Coclin as minute taker. Antitrust statement: read by Corey. Minutes: discussion regarding minutes from Jan 27 2022 call: Dimitris observed that the minutes submitted are perhaps too detailed, easier to digest if summarized.
    2022-01-27 Minutes of the Code Signing Certificate Working Group
    January 27, 2022 by Corey BonnellAttendees Andrea Holland – SecureTrust , Ashish Dhiman – GlobalSign, Atsushi Inaba – GlobalSign, Bruce Morton – Entrust, Corey Bonnell – DigiCert, Dean Coclin – DigiCert, Dimitris Zacharopoulos – HARICA, Ian McMillan – Microsoft, Inigo Barreira – Sectigo, Jeff Ward – WebTrust, Karina Sirota – Microsoft, Kiran Tummala – Microsoft, Michael Sykes – SSL.com, Mohit Kumar – GlobalSign, Tim Crawford – WebTrust, Tim Hollebeek – DigiCert Minutes Minutes of January 13th 2022 approved.
    2022-01-13 Minutes of the Code Signing Certificate Working Group
    January 13, 2022 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Janet Hines, Joanna Fox, Michael Sykes, Roberto Quinones, Tim Hollebeek, Tomas Gustavsson Minutes The Antitrust statement was read. Minutes from the prior meeting on December 16, 2021 were approved CSC-6 Subscriber Private Key Protection Ian thought he had sent the draft to the list before the holidays but it was determined that was not the case.
    2022-01-06 Minutes of the CA/Browser Forum Teleconference
    January 6, 2022 by Corey BonnellAttendees Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumihiko Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Israr Ahmed (E-tugra), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
    2021-12-16 Minutes of the Code Signing Certificate Working Group
    December 16, 2021 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Inigo Barreira, Janet Hines, Joanna Fox, Michael Sykes, Roberto Quinones, Tim Hollebeek Minutes Antitrust Statement was read by Bruce Morton. Approved minutes from previous Dec 2, 2021 meeting. Ballot CSC-6 (Subscriber Private Key Protection) Ian shared the final discussion feedback and changes. Added the definition of Hardware Crypto Module: A tamper-resistant device with a cryptography processor used for the specific purpose of protecting the lifecycle of cryptographic keys (generating, managing, processing, and storing).
    The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).