CA/Browser Forum posts
2022-01-06 Minutes of the CA/Browser Forum Teleconference
January 6, 2022 by Corey BonnellAttendees Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumihiko Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Israr Ahmed (E-tugra), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
January 6, 2022 by Corey BonnellAttendees Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumihiko Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Israr Ahmed (E-tugra), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
2022-01-05 Minutes of the S/MIME Certificate Working Group
January 5, 2022 by Stephen DavidsonMinutes of SMCWG January 5, 2022 These are the Approved Minutes of the Teleconference described in the subject of this message. Corrections and clarifications where needed are encouraged by reply. Attendees Andrea Holland (SecureTrust), Andreas Henschel (D-TRUST), Ben Wilson (Mozilla), Bruce Morton (Entrust), Cade Cairns (Google), Clint Wilson (Apple), Corey Bonnell (Digicert), Daniel Zens (GlobalTrust), Dimitris Zacharopoulos (HARICA), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Matthias Wiedenhorst (ACAB Council), Mauricio Fernandez (TeleTrust), Miguel Sanchez (Google), Mrugesh Chandarana (IdenTrust), Patrycja Tulinska (PSW Group), Pekka Lahtiharju (Telia Company), Rebecca Kelley (Apple), Renne Rodriguez (Apple), Russ Housley (Russ Housley), Sebastian Schulz (GlobalSign), Stefan Selbitschka (runQuadrat), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Thomas Connelly (US Federal PKI Management Authority), Tim Crawford (CPA Canada/WebTrust), Tsung-Min Kuo (Chunghwa Telecom), Wendy Brown (US Federal PKI Management Authority)
January 5, 2022 by Stephen DavidsonMinutes of SMCWG January 5, 2022 These are the Approved Minutes of the Teleconference described in the subject of this message. Corrections and clarifications where needed are encouraged by reply. Attendees Andrea Holland (SecureTrust), Andreas Henschel (D-TRUST), Ben Wilson (Mozilla), Bruce Morton (Entrust), Cade Cairns (Google), Clint Wilson (Apple), Corey Bonnell (Digicert), Daniel Zens (GlobalTrust), Dimitris Zacharopoulos (HARICA), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Matthias Wiedenhorst (ACAB Council), Mauricio Fernandez (TeleTrust), Miguel Sanchez (Google), Mrugesh Chandarana (IdenTrust), Patrycja Tulinska (PSW Group), Pekka Lahtiharju (Telia Company), Rebecca Kelley (Apple), Renne Rodriguez (Apple), Russ Housley (Russ Housley), Sebastian Schulz (GlobalSign), Stefan Selbitschka (runQuadrat), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Thomas Connelly (US Federal PKI Management Authority), Tim Crawford (CPA Canada/WebTrust), Tsung-Min Kuo (Chunghwa Telecom), Wendy Brown (US Federal PKI Management Authority)
Ballot SC-52 v 2: Specify CRL Validity Intervals in Seconds
January 1, 2022 by Ben WilsonBallot SC-52 version 2: Specify CRL Validity Intervals in Seconds This ballot expired before entering the voting period. Purpose of Ballot: Similar to Ballot SC-31 which modified the specification of OCSP validity periods to be in seconds, this ballot modifies the specification of CRL validity periods to be in seconds to avoid confusion about exactly which periods are valid and which are not. The ballot also specifies that other time
January 1, 2022 by Ben WilsonBallot SC-52 version 2: Specify CRL Validity Intervals in Seconds This ballot expired before entering the voting period. Purpose of Ballot: Similar to Ballot SC-31 which modified the specification of OCSP validity periods to be in seconds, this ballot modifies the specification of CRL validity periods to be in seconds to avoid confusion about exactly which periods are valid and which are not. The ballot also specifies that other time
Ballot Forum-17 – Creation of Network Security Working Group
December 28, 2021 by Ben WilsonThe voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust, 0 No Votes 0 Abstentions NOTE: A vote placed by GlobalTrust was not received on the public list and will not be counted.
December 28, 2021 by Ben WilsonThe voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust, 0 No Votes 0 Abstentions NOTE: A vote placed by GlobalTrust was not received on the public list and will not be counted.
2021-12-16 Minutes of the Code Signing Certificate Working Group
December 16, 2021 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Inigo Barreira, Janet Hines, Joanna Fox, Michael Sykes, Roberto Quinones, Tim Hollebeek Minutes Antitrust Statement was read by Bruce Morton. Approved minutes from previous Dec 2, 2021 meeting. Ballot CSC-6 (Subscriber Private Key Protection) Ian shared the final discussion feedback and changes. Added the definition of Hardware Crypto Module: A tamper-resistant device with a cryptography processor used for the specific purpose of protecting the lifecycle of cryptographic keys (generating, managing, processing, and storing).
December 16, 2021 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Corey Bonnell, Dean Coclin, Ian McMillan, Inigo Barreira, Janet Hines, Joanna Fox, Michael Sykes, Roberto Quinones, Tim Hollebeek Minutes Antitrust Statement was read by Bruce Morton. Approved minutes from previous Dec 2, 2021 meeting. Ballot CSC-6 (Subscriber Private Key Protection) Ian shared the final discussion feedback and changes. Added the definition of Hardware Crypto Module: A tamper-resistant device with a cryptography processor used for the specific purpose of protecting the lifecycle of cryptographic keys (generating, managing, processing, and storing).
2021-11-11 Minutes of the Server Certificate Working Group
December 11, 2021 by Jos PurvisAttendees Adrian Mueller (SwissSign), Ali Gholami (Telia), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Fumihiko Yoneda (Japan Registry Services), Hubert Chao (Google), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco Systems), Julie Olson (GlobalSign), Kiran Tummala (Microsoft), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Miguel Sanchez (Google Trust Services), Natalia Kotliarsky (SecureTrust), Niko Carpenter (SecureTrust), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelley (Apple), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.
December 11, 2021 by Jos PurvisAttendees Adrian Mueller (SwissSign), Ali Gholami (Telia), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Fumihiko Yoneda (Japan Registry Services), Hubert Chao (Google), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco Systems), Julie Olson (GlobalSign), Kiran Tummala (Microsoft), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Miguel Sanchez (Google Trust Services), Natalia Kotliarsky (SecureTrust), Niko Carpenter (SecureTrust), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelley (Apple), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.
2021-12-09 Minutes of CA/B Forum Teleconference
December 9, 2021 by Ben WilsonAttendees: Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumihiko Yoneda (Japan Registry Services), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco Systems), Jose Guzman (GoDaddy), Karina Sirota (Microsoft),Kati Davids (GoDaddy), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Sebastian Schulz (GlobalSign), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority), Yosiaki Iida (SECOM Trust Systems), Adam Jones (Microsoft), PekkaLahtiharju (Telia)
December 9, 2021 by Ben WilsonAttendees: Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumihiko Yoneda (Japan Registry Services), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco Systems), Jose Guzman (GoDaddy), Karina Sirota (Microsoft),Kati Davids (GoDaddy), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Sebastian Schulz (GlobalSign), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority), Yosiaki Iida (SECOM Trust Systems), Adam Jones (Microsoft), PekkaLahtiharju (Telia)
2021-12-22 Minutes of the S/MIME Certificate Working Group
December 8, 2021 by Stephen DavidsonMinutes of SMCWG December 8, 2021 These are the Approved Minutes of the Teleconference described in the subject of this message. Corrections and clarifications where needed are encouraged by reply. Attendees Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Andreas Henschel (D-TRUST), Ben Wilson (Mozilla), Bruce Morton (Entrust), Cade Cairns (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Enrico Entschew (D-TRUST), Fotis Loukos (Google), Inaba Atsushi (GlobalSign), Joanna Fox (TrustCor Systems), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Matthias Wiedenhorst (ACAB Council), Mauricio Fernandez (TeleTrust), Morad Abou Naser (TeleTrust), Patrycja Tulinska (PSW Group), Pedro Fuentes (OISTE Foundation), Pekka Lahtiharju (Telia Company), Rebecca Kelley (Apple), Renne Rodriguez (Apple), Russ Housley (Russ Housley), Sebastian Schulz (GlobalSign), Stefan Selbitschka (runQuadrat), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Wendy Brown (US Federal PKI Management Authority)
December 8, 2021 by Stephen DavidsonMinutes of SMCWG December 8, 2021 These are the Approved Minutes of the Teleconference described in the subject of this message. Corrections and clarifications where needed are encouraged by reply. Attendees Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Andreas Henschel (D-TRUST), Ben Wilson (Mozilla), Bruce Morton (Entrust), Cade Cairns (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Enrico Entschew (D-TRUST), Fotis Loukos (Google), Inaba Atsushi (GlobalSign), Joanna Fox (TrustCor Systems), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Matthias Wiedenhorst (ACAB Council), Mauricio Fernandez (TeleTrust), Morad Abou Naser (TeleTrust), Patrycja Tulinska (PSW Group), Pedro Fuentes (OISTE Foundation), Pekka Lahtiharju (Telia Company), Rebecca Kelley (Apple), Renne Rodriguez (Apple), Russ Housley (Russ Housley), Sebastian Schulz (GlobalSign), Stefan Selbitschka (runQuadrat), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Wendy Brown (US Federal PKI Management Authority)
2021-12-02 Minutes of the Code Signing Certificate Working Group
December 2, 2021 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Chris Kemmerer, Correy Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Janet Hines, Joanna Fox, Kiran Tummala, Michael Sykes, Sebastian Schulz, Tim Crawford, Tim Hollebeek Minutes Approved minutes from previous Nov 18, 2021 meeting Discussion regarding SC-50 from Server Working Group Bruce Morton suggests dropping SC-50 (Ballot is concerned with removal of 4.1.1) Ian McMillan concurs with no other objections regarding SC-50 Ballot CSC-12 Revocation date verification ballot currently under IPR review; period ends Dec 03, 2021 Plan is push out latest version of CSBR’s Dec 03, 2021 afternoon Ballot CSC-6 11.
December 2, 2021 by Corey BonnellAttendees Andrea Holland, Atsushi Inaba, Bruce Morton, Chris Kemmerer, Correy Bonnell, Dean Coclin, Dimitris Zacharopoulos, Ian McMillan, Inigo Barreira, Janet Hines, Joanna Fox, Kiran Tummala, Michael Sykes, Sebastian Schulz, Tim Crawford, Tim Hollebeek Minutes Approved minutes from previous Nov 18, 2021 meeting Discussion regarding SC-50 from Server Working Group Bruce Morton suggests dropping SC-50 (Ballot is concerned with removal of 4.1.1) Ian McMillan concurs with no other objections regarding SC-50 Ballot CSC-12 Revocation date verification ballot currently under IPR review; period ends Dec 03, 2021 Plan is push out latest version of CSBR’s Dec 03, 2021 afternoon Ballot CSC-6 11.
Ballot SC50: Remove the requirements of section 4.1.1
November 22, 2021 by Jos PurvisVoting Results Certificate Issuers 24 votes total, with no abstentions: 24 Yes votes: Amazon, Certigna (DHIMYOTIS), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, Let’s Encrypt / ISRG, OISTE, Sectigo, SSL.com, SwissSign, Telia Company, TrustCor, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Mozilla, 360 0 No Votes 0 Abstentions Bylaw Requirements Bylaw 2.
November 22, 2021 by Jos PurvisVoting Results Certificate Issuers 24 votes total, with no abstentions: 24 Yes votes: Amazon, Certigna (DHIMYOTIS), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, Let’s Encrypt / ISRG, OISTE, Sectigo, SSL.com, SwissSign, Telia Company, TrustCor, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Mozilla, 360 0 No Votes 0 Abstentions Bylaw Requirements Bylaw 2.