CAB Forum Certificate Issuers, Certificate Consumers, and Interested Parties Working to Secure the Web
Results of Review Period (Mailing list post is available here.) The IPR review period ended on June 25, 2022 and no exclusion notices were filed. The final documents, with the effective date being 2022-06-29, are available here. Summary of Review Ballot for ReviewBallot CSC-14 – Convert Code Signing Baseline Requirements to RFC 3647 FrameworkStart of Review Period26 May 2022 at 18:00 UTCEnd of Review Period25 June …
Read More »Ballots
2022-05-05 Minutes of the Code Signing Certificate Working Group
Attendees Atsushi Inaba, Ben Wilson, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Joanna Fox, Martijn Katerbarg, Michael Sykes, Tim Crawford Minutes Minute Taker: Dean Antitrust statement was read Prior meeting minutes of April 21st, approved. CSC-13 Subscriber Private Key Protection Ballot (Bruce) No IPR review responses have been received and once period ends tomorrow, a notice will go out …
Read More »Ballot CSC-13 – Update to Subscriber Key Protection Requirements
Results of Review Period (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2022-05-09, are available here. Results of Voting (Mailing list post is available here.) YesNoAbstainCertificate IssuersCertum (Asseco)DigiCerteMudhraEntrustHARICASectigoSSL.comCertificate ConsumersMicrosoftThe ballot has PASSED. Purpose of the Ballot Update the subscriber private key protection requirements …
Read More »Ballot SC54: Onion Cleanup
Voting Results Certificate Issuers 18 votes total, with no abstentions: 18 Yes votes: Amazon, Buypass, DigiCert, eMudhra, Entrust, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, NAVER, OISTE, Sectigo, SwissSign, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 6 votes total, with no abstentions: 6 Yes votes: 360, Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.3(f) requires: …
Read More »Ballot CSC-6 – Update to Subscriber Private Key Protection Requirements
Results of Voting (Mailing list post is available here.) YesNoAbstainCertificate IssuersDigiCertEntrustGlobalSignHARICASecureTrustCertificate ConsumersMicrosoftThe ballot has FAILED. Purpose of the ballot Update the subscriber private key protection requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.7. The following motion has been proposed by Ian McMillan of Microsoft, and endorsed by Tim Hollebeek of DigiCert and …
Read More »Ballot SC51: Reduce and Clarify Audit Log and Records Archival Retention Requirements
Voting Results Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Amazon, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, SSL.com, TWCA, TrustCor, SecureTrust, Visa0 No Votes0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes0 Abstentions …
Read More »Ballot NS-001: Adopt Network and Certificate System Security Requirements
This email begins the discussion period for Ballot NS-001: Adopt Network and Certificate System Security Requirements. PURPOSE OF BALLOTThe purpose of this ballot is for the Networking Security Working Group to formally adopt version 1.7 of the Network and Certificate System Security Requirements as currently published by the CA/Browser Forum. MOTIONThe following motion has been proposed by Clint Wilson of …
Read More »Ballot SC53: Sunset for SHA-1 OCSP Signing
Voting Results The voting on ballot SC53 has completed, and the ballot has passed. Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, OISTE, Sectigo, TrustCor, SecureTrust0 No Votes0 Abstentions Certificate Consumers 5 votes total, with …
Read More »Ballot Forum-17 – Creation of Network Security Working Group
The voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust,0 No Votes0 Abstentions NOTE: A vote placed by GlobalTrust was …
Read More »Ballot SC50: Remove the requirements of section 4.1.1
Voting Results Certificate Issuers 24 votes total, with no abstentions: 24 Yes votes: Amazon, Certigna (DHIMYOTIS), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, Let’s Encrypt / ISRG, OISTE, Sectigo, SSL.com, SwissSign, Telia Company, TrustCor, Visa0 No Votes0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Mozilla, 3600 No Votes0 Abstentions Bylaw Requirements 1. Bylaw 2.3(f) requires: A …
Read More »