CA/Browser Forum posts
2024-02-27 Minutes of the F2F 61 Meeting in Delhi - SCWG
April 5, 2024 by Iñigo BarreiraAttendance Aaron Poulsen - (Amazon), Adam Jones - (Microsoft), Adrian Mueller - (SwissSign), Adriano Santoni - (Actalis S.p.A.), Andrea Holland - (VikingCloud), Antti Backman - (Telia Company), Arno Fiedler - (ETSI), Arvid Vermote - (GlobalSign), Ashish Dhiman - (GlobalSign), Ben Wilson - (Mozilla), Bilal Ashraf - (SSL.com), Brittany Randall - (GoDaddy), Bruce Morton - (Entrust), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Dave Chin - (CPA Canada/WebTrust), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Enrico Entschew - (D-TRUST), Eva Vansteenberge - (GlobalSign), Fumi Yoneda - (Japan Registry Services), Hogeun Yoo - (NAVER Cloud Trust Services), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Jeremy Rowley - (DigiCert), Jos Purvis - (Fastly), Jozef Nigut - (Disig), Kateryna Aleksieieva - (Asseco Data Systems SA (Certum)), Keshava Nagaraju - (eMudhra), Leo Grove - (SSL.
April 5, 2024 by Iñigo BarreiraAttendance Aaron Poulsen - (Amazon), Adam Jones - (Microsoft), Adrian Mueller - (SwissSign), Adriano Santoni - (Actalis S.p.A.), Andrea Holland - (VikingCloud), Antti Backman - (Telia Company), Arno Fiedler - (ETSI), Arvid Vermote - (GlobalSign), Ashish Dhiman - (GlobalSign), Ben Wilson - (Mozilla), Bilal Ashraf - (SSL.com), Brittany Randall - (GoDaddy), Bruce Morton - (Entrust), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Dave Chin - (CPA Canada/WebTrust), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Enrico Entschew - (D-TRUST), Eva Vansteenberge - (GlobalSign), Fumi Yoneda - (Japan Registry Services), Hogeun Yoo - (NAVER Cloud Trust Services), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Jeremy Rowley - (DigiCert), Jos Purvis - (Fastly), Jozef Nigut - (Disig), Kateryna Aleksieieva - (Asseco Data Systems SA (Certum)), Keshava Nagaraju - (eMudhra), Leo Grove - (SSL.
2024-04-04 Minutes of the Code Signing Certificate Working Group
April 4, 2024 by Corey BonnellAgenda Roll Call Antitrust reminder Approve prior meeting minutes – F2F (awaiting draft from Andrea), March 21st (Brianca) Ballot status: Marking the EV CS guidelines obsolete (CSC-23). Do we need an IPR review? Proposed ballots: Remove EV Guideline References Proposed ballot for Time-stamp Requirements update; CSC-24 Continued discussion on Application for Associate Member status from Keyfactor Interested Party application from Wangmo Tenzing (as an individual) Other business Next meeting – April 18th Adjourn Attendees Brian Winters (Identrust), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Marco Schambach - (IdenTrust), Mohit Kumar (GlobalSign), Nome Huang - (TrustAsia), Rollin Yu - (TrustAsia), Scott Rea (eMudhra), Tim Crawford - (CPA Canada/WebTrust), Trevoli Ponds-White - (Amazon)
April 4, 2024 by Corey BonnellAgenda Roll Call Antitrust reminder Approve prior meeting minutes – F2F (awaiting draft from Andrea), March 21st (Brianca) Ballot status: Marking the EV CS guidelines obsolete (CSC-23). Do we need an IPR review? Proposed ballots: Remove EV Guideline References Proposed ballot for Time-stamp Requirements update; CSC-24 Continued discussion on Application for Associate Member status from Keyfactor Interested Party application from Wangmo Tenzing (as an individual) Other business Next meeting – April 18th Adjourn Attendees Brian Winters (Identrust), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Marco Schambach - (IdenTrust), Mohit Kumar (GlobalSign), Nome Huang - (TrustAsia), Rollin Yu - (TrustAsia), Scott Rea (eMudhra), Tim Crawford - (CPA Canada/WebTrust), Trevoli Ponds-White - (Amazon)
2024-03-28 Minutes of the CA/Browser Forum Teleconference
March 28, 2024 by Lynn JeunCA/Browser Forum TeleconferenceMarch 28, 2024 Attendees: Aaron Gable - (Let’s Encrypt), Aaron Poulsen - (Amazon), Abhishek Bhat - (eMudhra), Adam Jones - (Microsoft), Adrian Mueller - (SwissSign), Adriano Santoni - (Actalis S.p.A.), Andreas Henschel - (D-TRUST), Antti Backman - (Telia Company), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Bruce Morton - (Entrust), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), Dean Coclin - (DigiCert), Dong Wha Shin - (MOIS (Ministry of Interior and Safety) of the republic of Korea), Inaba Atsushi - (GlobalSign), Jaime Hablutzel - (OISTE Foundation), Jay WIlson - (Sectigo), Johnny Reading - (GoDaddy), Jos Purvis - (Fastly), Karina Sirota - (Microsoft), Keshava Nagaraju - (eMudhra), Kiran Tummala - (Microsoft), Lynn Jeun - (Visa), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Michael Slaughter - (Amazon), Michelle Coon - (OATI), Miguel Sanchez - (Google), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Naveen Kumar - (eMudhra), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Rich Kapushinski - (CommScope), RIch Smith - (DigiCert), Rollin Yu - (TrustAsia), Sandy Balzer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Tathan Thacker - (IdenTrust), Thomas Zermeno - (SSL.
March 28, 2024 by Lynn JeunCA/Browser Forum TeleconferenceMarch 28, 2024 Attendees: Aaron Gable - (Let’s Encrypt), Aaron Poulsen - (Amazon), Abhishek Bhat - (eMudhra), Adam Jones - (Microsoft), Adrian Mueller - (SwissSign), Adriano Santoni - (Actalis S.p.A.), Andreas Henschel - (D-TRUST), Antti Backman - (Telia Company), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Bruce Morton - (Entrust), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), Dean Coclin - (DigiCert), Dong Wha Shin - (MOIS (Ministry of Interior and Safety) of the republic of Korea), Inaba Atsushi - (GlobalSign), Jaime Hablutzel - (OISTE Foundation), Jay WIlson - (Sectigo), Johnny Reading - (GoDaddy), Jos Purvis - (Fastly), Karina Sirota - (Microsoft), Keshava Nagaraju - (eMudhra), Kiran Tummala - (Microsoft), Lynn Jeun - (Visa), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Michael Slaughter - (Amazon), Michelle Coon - (OATI), Miguel Sanchez - (Google), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Naveen Kumar - (eMudhra), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Rich Kapushinski - (CommScope), RIch Smith - (DigiCert), Rollin Yu - (TrustAsia), Sandy Balzer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Tathan Thacker - (IdenTrust), Thomas Zermeno - (SSL.
2024-03-28 Minutes of the Server Certificate Working Group
March 28, 2024 by Iñigo BarreiraAttendance Aaron Gable - (ISRG), Aaron Poulsen - (Amazon), Abhishek Bhat - (eMudhra), Adam Jones - (Microsoft), Adrian Mueller - (SwissSign), Alvin Wang – (SHECA), Andreas Henschel – (D-Trust), Adriano Santoni (Actalis), Antti Backman - (Telia Company), Atsushi Inaba - (GlobalSign), Ben Wilson – (Mozilla), Brianca Martin - (Amazon), Bruce Morton - (Entrust), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), Dean Coclin - (DigiCert), Dong Wha Shin - (MOIS), Jaime Hablutzel - (OISTE Foundation), Jay Wilson - (Sectigo), Johnny Reading - (GoDaddy), Jos Purvis - (Fastly), Karina Sirota - (Microsoft), Keshava Nagaraju - (eMudhra), Klran Tummala - (Microsoft), Luis Cervantes – (GoDaddy), Lynn Jeun - (VisaMarco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Michael Slaughter – (Amazon), Miguel Sanchez - (Google), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Naveen Kumar - (eMudhra), Nicol So - (CommScope), Nome Huang – (TrustAsia), Paul Van Brouwershaven – (Entrust), Rich Kapushinski – (CommScope), Rich Smith - (DigiCert), Sandy Balzer - (SwissSign), Scott Rea – (eMudhra), Stephen Davidson - (DigiCert), Tathan Thacker - (IdenTrust), Thomas Zermeno - (SSL.
March 28, 2024 by Iñigo BarreiraAttendance Aaron Gable - (ISRG), Aaron Poulsen - (Amazon), Abhishek Bhat - (eMudhra), Adam Jones - (Microsoft), Adrian Mueller - (SwissSign), Alvin Wang – (SHECA), Andreas Henschel – (D-Trust), Adriano Santoni (Actalis), Antti Backman - (Telia Company), Atsushi Inaba - (GlobalSign), Ben Wilson – (Mozilla), Brianca Martin - (Amazon), Bruce Morton - (Entrust), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), Dean Coclin - (DigiCert), Dong Wha Shin - (MOIS), Jaime Hablutzel - (OISTE Foundation), Jay Wilson - (Sectigo), Johnny Reading - (GoDaddy), Jos Purvis - (Fastly), Karina Sirota - (Microsoft), Keshava Nagaraju - (eMudhra), Klran Tummala - (Microsoft), Luis Cervantes – (GoDaddy), Lynn Jeun - (VisaMarco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Michael Slaughter – (Amazon), Miguel Sanchez - (Google), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Naveen Kumar - (eMudhra), Nicol So - (CommScope), Nome Huang – (TrustAsia), Paul Van Brouwershaven – (Entrust), Rich Kapushinski – (CommScope), Rich Smith - (DigiCert), Sandy Balzer - (SwissSign), Scott Rea – (eMudhra), Stephen Davidson - (DigiCert), Tathan Thacker - (IdenTrust), Thomas Zermeno - (SSL.
2024-03-27 Minutes of the S/MIME Certificate Working Group
March 27, 2024 by Stephen DavidsonMinutes of SMCWG March 27, 2024 These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply. Attendees Adrian Mueller - (SwissSign), Adriano Santoni - (Actalis S.p.A.), Andreas Henschel - (D-TRUST), Ben Wilson - (Mozilla), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Judith Spencer - (CertiPath), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Morad Abou Nasser - (TeleTrust), Rollin Yu - (TrustAsia), Sandy Balzer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Tim Crawford - (CPA Canada/WebTrust), Wendy Brown - (US Federal PKI Management Authority)
March 27, 2024 by Stephen DavidsonMinutes of SMCWG March 27, 2024 These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply. Attendees Adrian Mueller - (SwissSign), Adriano Santoni - (Actalis S.p.A.), Andreas Henschel - (D-TRUST), Ben Wilson - (Mozilla), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Judith Spencer - (CertiPath), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Morad Abou Nasser - (TeleTrust), Rollin Yu - (TrustAsia), Sandy Balzer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Tim Crawford - (CPA Canada/WebTrust), Wendy Brown - (US Federal PKI Management Authority)
Ballot CSC-23 - Marking the EV Code Signing Guidelines SUPERCEDED
March 26, 2024 by Corey BonnellThe final documents, with the effective date being 2024-03-26, are available here. Results of Voting Yes No Abstain Certificate Issuers Actalis, Asseco (Certum), DigiCert, Entrust, Globalsign, HARICA, IdenTrust, Sectigo, SSL.com Certificate Consumers Microsoft Purpose of the Ballot As agreed at the F2F#61 meeting, this is a ballot to mark the “Guidelines For The Issuance And Management Of Extended Validation Code Signing Certificates” as superceded. The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by Scott Rea of eMudhra and Martijn Katerbarg of Sectigo.
March 26, 2024 by Corey BonnellThe final documents, with the effective date being 2024-03-26, are available here. Results of Voting Yes No Abstain Certificate Issuers Actalis, Asseco (Certum), DigiCert, Entrust, Globalsign, HARICA, IdenTrust, Sectigo, SSL.com Certificate Consumers Microsoft Purpose of the Ballot As agreed at the F2F#61 meeting, this is a ballot to mark the “Guidelines For The Issuance And Management Of Extended Validation Code Signing Certificates” as superceded. The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by Scott Rea of eMudhra and Martijn Katerbarg of Sectigo.
Ballot SMC06: Post implementation clarification and corrections
March 26, 2024 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC06 (Post implementation clarification and corrections) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of May 11, 2024. The new S/MIME BR v.1.0.4 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.4.pdf IPR Review of Ballot SMC06: Post implementation clarification and corrections This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.
March 26, 2024 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC06 (Post implementation clarification and corrections) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of May 11, 2024. The new S/MIME BR v.1.0.4 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.4.pdf IPR Review of Ballot SMC06: Post implementation clarification and corrections This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.
Ballot SC-72: Delete except to policyQualifiers in EVGs; align with BRs by making them NOT RECOMMENDED
March 25, 2024 by Paul van BrouwershavenVoting Results Certificate Issuers 15 votes total, with no abstentions: 15 Issuers voting YES: Buypass, Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, GoDaddy, HARICA, Izenpe, OISTE, SECOM, Sectigo, SwissSign, TWCA, Telia Company 0 Issuers voting NO 0 Issuers ABSTAIN Certificate Consumers 2 votes total, with no abstentions: 2 Consumers voting YES: Apple, Google 0 Consumers voting NO 0 Consumers ABSTAIN Bylaws Requirements Bylaw 2.3(6) requires: In order for a ballot to be adopted by the Forum, two‐thirds (2/3) or more of the votes cast by the Voting Members in the Certificate Issuer category must be in favour of the ballot.
March 25, 2024 by Paul van BrouwershavenVoting Results Certificate Issuers 15 votes total, with no abstentions: 15 Issuers voting YES: Buypass, Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, GoDaddy, HARICA, Izenpe, OISTE, SECOM, Sectigo, SwissSign, TWCA, Telia Company 0 Issuers voting NO 0 Issuers ABSTAIN Certificate Consumers 2 votes total, with no abstentions: 2 Consumers voting YES: Apple, Google 0 Consumers voting NO 0 Consumers ABSTAIN Bylaws Requirements Bylaw 2.3(6) requires: In order for a ballot to be adopted by the Forum, two‐thirds (2/3) or more of the votes cast by the Voting Members in the Certificate Issuer category must be in favour of the ballot.
2024-03-21 Minutes of the Code Signing Certificate Working Group
March 21, 2024 by Corey BonnellAgenda Roll Call Antitrust reminder Minutes Ballots Membership Other business Next meeting – April 4th Adjourn Attendees Dean Coclin (DigiCert), Martijn Katerbarg (Sectigo), Brianca Martin (Amazon), Tim Crawford (CPA Canada/WebTrust), Thomas Zermeno (SSL.com), Mohit Kumar (GlobalSign), Scott Rea (eMudhra, Mohit Kumar (GlobalSign), Dimitris Zacharopoulos (HARICA), Atsushi INABA (GlobalSign), Inigo Barreira (Sectigo) Minutes Dean Coclin read the Antitrust policy. Meeting minutes – No minutes to approve. Andrea Holland working on minutes from F2F-New Delhi.
March 21, 2024 by Corey BonnellAgenda Roll Call Antitrust reminder Minutes Ballots Membership Other business Next meeting – April 4th Adjourn Attendees Dean Coclin (DigiCert), Martijn Katerbarg (Sectigo), Brianca Martin (Amazon), Tim Crawford (CPA Canada/WebTrust), Thomas Zermeno (SSL.com), Mohit Kumar (GlobalSign), Scott Rea (eMudhra, Mohit Kumar (GlobalSign), Dimitris Zacharopoulos (HARICA), Atsushi INABA (GlobalSign), Inigo Barreira (Sectigo) Minutes Dean Coclin read the Antitrust policy. Meeting minutes – No minutes to approve. Andrea Holland working on minutes from F2F-New Delhi.
Ballot SC-65v2: Convert EVGs into RFC 3647 format
March 15, 2024 by Iñigo BarreiraVoting Results Certificate Issuers 23 votes total, with no abstentions: 23 Issuers voting YES: Actalis, Buypass, Certum (Asseco), CFCA, CommScope, D-TRUST, DigiCert, Entrust, GDCA, GlobalSign, GoDaddy, HARICA, IdenTrust, iTrusChina, Izenpe, JPRS, OISTE, SECOM, Sectigo, SSL.com, SwissSign, TWCA, Telia Company 0 Issuers voting NO 0 Issuers ABSTAIN Certificate Consumers 2 votes total, with no abstentions: 2 Consumers voting YES: Microsoft, Mozilla 0 Consumers voting NO 0 Consumers ABSTAIN Bylaws Requirements Bylaw 2.
March 15, 2024 by Iñigo BarreiraVoting Results Certificate Issuers 23 votes total, with no abstentions: 23 Issuers voting YES: Actalis, Buypass, Certum (Asseco), CFCA, CommScope, D-TRUST, DigiCert, Entrust, GDCA, GlobalSign, GoDaddy, HARICA, IdenTrust, iTrusChina, Izenpe, JPRS, OISTE, SECOM, Sectigo, SSL.com, SwissSign, TWCA, Telia Company 0 Issuers voting NO 0 Issuers ABSTAIN Certificate Consumers 2 votes total, with no abstentions: 2 Consumers voting YES: Microsoft, Mozilla 0 Consumers voting NO 0 Consumers ABSTAIN Bylaws Requirements Bylaw 2.