CA/Browser Forum
Home » Posts

CA/Browser Forum posts

Filter posts by Author, Tag or Series

Ballots CSC-21 and CSC-22
January 17, 2024 by Corey BonnellRESULTS OF REVIEW PERIOD The IPR review period ended on February 28, 2024 and no exclusion notices were filed. The final documents, with the effective date being 2024-02-28, are available here. This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice are available here for CSC-21 and here for CSC-22, in red-line draft format.
Ballot FORUM 20v2 – Amend Code Signing Certificate Working Group Charter
January 13, 2024 by Dimitris ZacharopoulosThe voting period for Ballot FORUM-020 v.2 - Amend Code Signing Certificate Working Group Charter has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers 23 votes total including abstentions 11 Yes votes: CFCA, eMudhra, Entrust, Fastly, GDCA, GoDaddy, HARICA, IdenTrust, Sectigo, SSL.com, Viking Cloud 1 No votes: DigiCert 0 Abstain: 92% of voting Certificate Issuers voted in favor Voting by Certificate Consumers 1 votes total including abstentions
Ballot SMC05: Adoption of CAA for S/MIME
January 8, 2024 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC05 (Adoption of CAA for S/MIME) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of February 20, 2024. The new S/MIME BR v.1.0.3 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.3.pdf Notice of Review Period SMC05: Adoption of CAA for S/MIME This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.
2024-01-04 Minutes of the CA/Browser Forum Teleconference
January 4, 2024 by Kiran TummalaMeeting of the CA/Browser Forum January 4, 2024 1. Roll Call Aaron Gable - (Let’s Encrypt), Adam Jones - (Microsoft), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Cade Cairns - (Google), Chris Clements - (Google), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Inaba Atsushi - (GlobalSign), Johnny Reading - (GoDaddy), Karina Sirota - (Microsoft), Kiran Tummala - (Microsoft), Lucy Buecking - (IdenTrust), Lynn Jeun - (Visa), Mads Henriksveen - (Buypass AS), Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Mark Nelson - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.
2024-01-04 Minutes of the Server Certificate Working Group
January 4, 2024 by Iñigo BarreiraAttendance Aaron Gable - (Let’s Encrypt), Adam Jones - (Microsoft), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Cade Cairns - (Google), Chris Clements - (Google), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Inaba Atsushi - (GlobalSign), Johnny Reading - (GoDaddy), Karina Sirota - (Microsoft), Kiran Tummala - (Microsoft), Lucy Buecking - (IdenTrust), Lynn Jeun - (Visa), Mads Henriksveen - (Buypass AS), Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Mark Nelson - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.
2024-01-03 Minutes of the S/MIME Certificate Working Group
January 3, 2024 by Stephen DavidsonMinutes of SMCWG January 3, 2024 These are the Draft Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply. Attendees Adriano Santoni - (Actalis S.p.A.), Andrea Holland - (VikingCloud), Andreas Henschel - (D-TRUST), Ashish Dhiman - (GlobalSign), Cade Cairns - (Google), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Dimitris Zacharopoulos - (HARICA), Don Sheehy - (CPA Canada/WebTrust), Enrico Entschew - (D-TRUST), Inaba Atsushi - (GlobalSign), Janet Hines - (VikingCloud), Judith Spencer - (CertiPath), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Matt Cooper - (CertiPath (Private Person)), Mrugesh Chandarana - (IdenTrust), Nome Huang - (TrustAsia), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia), Russ Housley - (Vigil Security LLC), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.
2023-12-20 Minutes of the S/MIME Certificate Working Group
December 20, 2023 by Stephen DavidsonMinutes of SMCWG December 20, 2023 These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply. Attendees Ashish Dhiman – (GlobalSign), Ben Wilson – (Mozilla), Bruce Morton – (Entrust), Cade Cairns – (Google), Corey Bonnell – (DigiCert), Dimitris Zacharopoulos – (HARICA), Don Sheehy – (CPA Canada/WebTrust), Enrico Entschew – (D-TRUST), Eva Vansteenberge – (GlobalSign), Inaba Atsushi – (GlobalSign), Inigo Barreira – (Sectigo), Judith Spencer – (CertiPath), Marco Schambach – (IdenTrust), Martijn Katerbarg – (Sectigo), Paul van Brouwershaven – (Entrust), Pekka Lahtiharju – (Telia Company), Rebecca Kelley – (Apple), Renne Rodriguez – (Apple), Scott Rea – (eMudhra), Stefan Selbitschka – (rundQuadrat), Stephen Davidson – (DigiCert), Tadahiko Ito – (SECOM Trust Systems), Thomas Zermeno – (SSL.
2023-12-14 Minutes of the Code Signing Certificate Working Group
December 14, 2023 by Corey BonnellAttendees Andrea Holland (VikingCloud), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Ian McMillan (Microsoft), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Martijn Katerbarg (Sectigo), Mohit Kumar (GlobalSign), Richard Kisley (IBM), Roberto Quionones (Intel), Rollin Yu (TrustAsia), Scott Rea (eMudhra), Tim Crawford (CPA Canada/WebTrust), Tim Hollebeek (DigiCert) Minutes Bruce read the note well. Minutes of the November 30th meeting were not approved as they were just sent out. Signing Service Ballot Bruce mentioned that Ian wanted to reduce the audit requirements for non-CA signing services.
Ballot SMC04: Addition of ETSI TS 119 411-6 to audit standards
December 8, 2023 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC04 (Addition of ETSI TS 119 411-6 to audit standards) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of December 8, 2023. The new S/MIME BR have also been published to the CABF public website in accordance with the Bylaws. Intellectual Property Review: Notice of Review Period – BALLOT SMC04 This Review Notice is sent pursuant to Section 4.
Minutes of the F2F 60 Meeting in Portsmouth, NH, USA, 3-5 October 2023 – SCWG (4 October)
December 7, 2023 by Iñigo BarreiraServer Cert Working GroupDate: October 4, 2023 Minute Taker: Kiran Tummala (Microsoft) Revocation: The current rules in place were established about a decade ago, and much has changed since then, especially in terms of certificate volumes and crt.sh. Often, revocation appears to be a cosmetic issue, and there’s a sense that it does a disservice to both subscribers and relying parties. Creating unnecessary crises is not beneficial. There’s a strong desire to update the rule.
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).