CA/Browser Forum posts
Ballots CSC-21 and CSC-22
January 17, 2024 by Corey BonnellRESULTS OF REVIEW PERIOD The IPR review period ended on February 28, 2024 and no exclusion notices were filed.
January 17, 2024 by Corey BonnellRESULTS OF REVIEW PERIOD The IPR review period ended on February 28, 2024 and no exclusion notices were filed.
Ballot FORUM 20v2 – Amend Code Signing Certificate Working Group Charter
January 13, 2024 by Dimitris ZacharopoulosThe voting period for Ballot FORUM-020 v.2 - Amend Code Signing Certificate Working Group Charter has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers 23 votes total including abstentions
January 13, 2024 by Dimitris ZacharopoulosThe voting period for Ballot FORUM-020 v.2 - Amend Code Signing Certificate Working Group Charter has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers 23 votes total including abstentions
Ballot SMC05: Adoption of CAA for S/MIME
January 8, 2024 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC05 (Adoption of CAA for S/MIME) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of February 20, 2024. The new S/MIME BR v.1.0.3 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.3.pdf Notice of Review Period SMC05: Adoption of CAA for S/MIME This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This 30-day Review Period is for the Final Maintenance Guideline that is attached to this Review Notice.
January 8, 2024 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC05 (Adoption of CAA for S/MIME) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of February 20, 2024. The new S/MIME BR v.1.0.3 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.3.pdf Notice of Review Period SMC05: Adoption of CAA for S/MIME This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This 30-day Review Period is for the Final Maintenance Guideline that is attached to this Review Notice.
2024-01-04 Minutes of the CA/Browser Forum Teleconference
January 4, 2024 by Kiran TummalaMeeting of the CA/Browser Forum January 4, 2024 1. Roll Call Aaron Gable - (Let’s Encrypt), Adam Jones - (Microsoft), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Cade Cairns - (Google), Chris Clements - (Google), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Inaba Atsushi - (GlobalSign), Johnny Reading - (GoDaddy), Karina Sirota - (Microsoft), Kiran Tummala - (Microsoft), Lucy Buecking - (IdenTrust), Lynn Jeun - (Visa), Mads Henriksveen - (Buypass AS), Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Mark Nelson - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.com), Tim Hollebeek - (DigiCert), Trevoli Ponds-White - (Amazon), Wayne Thayer - (Fastly), Wendy Brown - (US Federal PKI Management Authority), Yoshihiko Matsuo - (Japan Registry Services).
January 4, 2024 by Kiran TummalaMeeting of the CA/Browser Forum January 4, 2024 1. Roll Call Aaron Gable - (Let’s Encrypt), Adam Jones - (Microsoft), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Cade Cairns - (Google), Chris Clements - (Google), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Inaba Atsushi - (GlobalSign), Johnny Reading - (GoDaddy), Karina Sirota - (Microsoft), Kiran Tummala - (Microsoft), Lucy Buecking - (IdenTrust), Lynn Jeun - (Visa), Mads Henriksveen - (Buypass AS), Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Mark Nelson - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.com), Tim Hollebeek - (DigiCert), Trevoli Ponds-White - (Amazon), Wayne Thayer - (Fastly), Wendy Brown - (US Federal PKI Management Authority), Yoshihiko Matsuo - (Japan Registry Services).
2024-01-04 Minutes of the Server Certificate Working Group
January 4, 2024 by Iñigo BarreiraAttendance Aaron Gable - (Let’s Encrypt), Adam Jones - (Microsoft), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Cade Cairns - (Google), Chris Clements - (Google), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Inaba Atsushi - (GlobalSign), Johnny Reading - (GoDaddy), Karina Sirota - (Microsoft), Kiran Tummala - (Microsoft), Lucy Buecking - (IdenTrust), Lynn Jeun - (Visa), Mads Henriksveen - (Buypass AS), Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Mark Nelson - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.com), Tim Hollebeek - (DigiCert), Trevoli Ponds-White - (Amazon), Wayne Thayer - (Fastly), Wendy Brown - (US Federal PKI Management Authority), Yoshihiko Matsuo - (Japan Registry Services).
January 4, 2024 by Iñigo BarreiraAttendance Aaron Gable - (Let’s Encrypt), Adam Jones - (Microsoft), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Cade Cairns - (Google), Chris Clements - (Google), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Inaba Atsushi - (GlobalSign), Johnny Reading - (GoDaddy), Karina Sirota - (Microsoft), Kiran Tummala - (Microsoft), Lucy Buecking - (IdenTrust), Lynn Jeun - (Visa), Mads Henriksveen - (Buypass AS), Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Mark Nelson - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.com), Tim Hollebeek - (DigiCert), Trevoli Ponds-White - (Amazon), Wayne Thayer - (Fastly), Wendy Brown - (US Federal PKI Management Authority), Yoshihiko Matsuo - (Japan Registry Services).
2024-01-03 Minutes of the S/MIME Certificate Working Group
January 3, 2024 by Stephen DavidsonMinutes of SMCWG January 3, 2024 These are the Draft Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
January 3, 2024 by Stephen DavidsonMinutes of SMCWG January 3, 2024 These are the Draft Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
2023-12-20 Minutes of the S/MIME Certificate Working Group
December 20, 2023 by Stephen DavidsonMinutes of SMCWG December 20, 2023 These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
December 20, 2023 by Stephen DavidsonMinutes of SMCWG December 20, 2023 These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
2023-12-14 Minutes of the Code Signing Certificate Working Group
December 14, 2023 by Corey BonnellAttendees Andrea Holland (VikingCloud), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Mohit Kumar (GlobalSign), Richard Kisley (IBM), Roberto Quionones (Intel), Rollin Yu (TrustAsia), Scott Rea (eMudhra), Tim Crawford (CPA Canada/WebTrust), Tim Hollebeek (DigiCert)
December 14, 2023 by Corey BonnellAttendees Andrea Holland (VikingCloud), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Mohit Kumar (GlobalSign), Richard Kisley (IBM), Roberto Quionones (Intel), Rollin Yu (TrustAsia), Scott Rea (eMudhra), Tim Crawford (CPA Canada/WebTrust), Tim Hollebeek (DigiCert)
Ballot SMC04: Addition of ETSI TS 119 411-6 to audit standards
December 8, 2023 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC04 (Addition of ETSI TS 119 411-6 to audit standards) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of December 8, 2023. The new S/MIME BR have also been published to the CABF public website in accordance with the Bylaws. Intellectual Property Review: Notice of Review Period – BALLOT SMC04 This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This 30-day Review Period is for the Final Maintenance Guideline that is attached to this Review Notice.
December 8, 2023 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC04 (Addition of ETSI TS 119 411-6 to audit standards) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of December 8, 2023. The new S/MIME BR have also been published to the CABF public website in accordance with the Bylaws. Intellectual Property Review: Notice of Review Period – BALLOT SMC04 This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This 30-day Review Period is for the Final Maintenance Guideline that is attached to this Review Notice.
Minutes of the F2F 60 Meeting in Portsmouth, NH, USA, 3-5 October 2023 – SCWG (4 October)
December 7, 2023 by Iñigo BarreiraServer Cert Working GroupDate: October 4, 2023 Minute Taker: Kiran Tummala (Microsoft) Revocation: The current rules in place were established about a decade ago, and much has changed since then, especially in terms of certificate volumes and crt.sh. Often, revocation appears to be a cosmetic issue, and there’s a sense that it does a disservice to both subscribers and relying parties. Creating unnecessary crises is not beneficial. There’s a strong desire to update the rule.
December 7, 2023 by Iñigo BarreiraServer Cert Working GroupDate: October 4, 2023 Minute Taker: Kiran Tummala (Microsoft) Revocation: The current rules in place were established about a decade ago, and much has changed since then, especially in terms of certificate volumes and crt.sh. Often, revocation appears to be a cosmetic issue, and there’s a sense that it does a disservice to both subscribers and relying parties. Creating unnecessary crises is not beneficial. There’s a strong desire to update the rule.