CA/Browser Forum posts
Ballot CSC-1: Adopt Baseline Requirements version 1.2
June 11, 2019 by Ben Wilson*NOTICE OF REVIEW PERIOD* ** This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum's Intellectual Property Rights Policy (v1.3). This Review Period is for a Final Guideline (60 day Review Period). Attached is a complete Draft Guideline subject of this Review Notice. Ballot for Review: Ballot CSCWG-1 /pipermail/cscwg-public/2019-June/000043.html Start of Review Period: June 13, 2019 at 11:00am Eastern Time End of Review Period: August 13, 2019 at 11:00am Eastern Time ------------------ Voting on Ballot CSCWG-1 has ended and the results are as follows: 11 Certificate Issuers voting YES: Actalis, Sectigo (former Comodo CA), DigiCert, eMudhra, Entrust Datacard, GDCA, GlobalSign, GoDaddy, HARICA, SSL.com, SecureTrust (former Trustwave) 0 Certificate Issuers voting No or Abstain 1 Certificate Consumer voting YES: Microsoft 0 Certificate Consumers voting No or Abstain Quorum calculator requires 6 to meet quorum. This was met. Therefore, the Ballot passes. Dean Coclin Code Signing Certificate Working Group Chair Purpose of Ballot: Adoption of this ballot will: (i) adopt written findings concerning the provenance of the Baseline Requirements for the Issuance and Management of Publicly Trusted Code Signing Certificates; and (ii) adopt version 1.2 of such Baseline Requirements, subject to completion of the 60-day “Notice of Review Period” pursuant to Section 4.1 of Forum’s IPR Policy.
June 11, 2019 by Ben Wilson*NOTICE OF REVIEW PERIOD* ** This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum's Intellectual Property Rights Policy (v1.3). This Review Period is for a Final Guideline (60 day Review Period). Attached is a complete Draft Guideline subject of this Review Notice. Ballot for Review: Ballot CSCWG-1 /pipermail/cscwg-public/2019-June/000043.html Start of Review Period: June 13, 2019 at 11:00am Eastern Time End of Review Period: August 13, 2019 at 11:00am Eastern Time ------------------ Voting on Ballot CSCWG-1 has ended and the results are as follows: 11 Certificate Issuers voting YES: Actalis, Sectigo (former Comodo CA), DigiCert, eMudhra, Entrust Datacard, GDCA, GlobalSign, GoDaddy, HARICA, SSL.com, SecureTrust (former Trustwave) 0 Certificate Issuers voting No or Abstain 1 Certificate Consumer voting YES: Microsoft 0 Certificate Consumers voting No or Abstain Quorum calculator requires 6 to meet quorum. This was met. Therefore, the Ballot passes. Dean Coclin Code Signing Certificate Working Group Chair Purpose of Ballot: Adoption of this ballot will: (i) adopt written findings concerning the provenance of the Baseline Requirements for the Issuance and Management of Publicly Trusted Code Signing Certificates; and (ii) adopt version 1.2 of such Baseline Requirements, subject to completion of the 60-day “Notice of Review Period” pursuant to Section 4.1 of Forum’s IPR Policy.
Ballot FORUM-9: Bylaws and Server Certificate Working Group Charter Updates
May 29, 2019 by Jos PurvisResults The voting period for Ballot Forum-9 has ended and the Ballot has Passed. Here are the results:
May 29, 2019 by Jos PurvisResults The voting period for Ballot Forum-9 has ended and the Ballot has Passed. Here are the results:
Ballot SC019: Phone Contact with DNS CAA Phone Contact v2
May 21, 2019 by Wayne ThayerThe voting period for Ballot SC19 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 20 votes total including abstentions 20 Yes votes: Buypass, Certum (Asseco), Chunghwa Telecom, D-TRUST, DarkMatter, DigiCert, Disig, eMudhra, Entrust Datacard, GDCA, GlobalSign, GoDaddy, HARICA, Kamu SM, SHECA, SwissSign, TrustCor, SecureTrust (former Trustwave), TurkTrust, Visa 0 No votes: 0 Abstain: 100% of voting Certificate Issuers voted in favor. Voting by Certificate Consumers – 5 votes total including abstentions
May 21, 2019 by Wayne ThayerThe voting period for Ballot SC19 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 20 votes total including abstentions 20 Yes votes: Buypass, Certum (Asseco), Chunghwa Telecom, D-TRUST, DarkMatter, DigiCert, Disig, eMudhra, Entrust Datacard, GDCA, GlobalSign, GoDaddy, HARICA, Kamu SM, SHECA, SwissSign, TrustCor, SecureTrust (former Trustwave), TurkTrust, Visa 0 No votes: 0 Abstain: 100% of voting Certificate Issuers voted in favor. Voting by Certificate Consumers – 5 votes total including abstentions
Ballot SC017v7: Alternative registration numbers for EV certificates
May 21, 2019 by Wayne ThayerThe voting period for Ballot SC17 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 24 votes total including abstentions 23 Yes votes: Actalis, Buypass, Camerfirma, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, DigiCert, eMudhra, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Kamu SM, SHECA, SSC, SecureTrust (former Trustwave), TurkTrust 0 No votes: 1 Abstain: TrustCor 100% of voting Certificate Issuers voted in favor.
May 21, 2019 by Wayne ThayerThe voting period for Ballot SC17 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 24 votes total including abstentions 23 Yes votes: Actalis, Buypass, Camerfirma, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, Comsign, D-TRUST, DarkMatter, DigiCert, eMudhra, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Kamu SM, SHECA, SSC, SecureTrust (former Trustwave), TurkTrust 0 No votes: 1 Abstain: TrustCor 100% of voting Certificate Issuers voted in favor.
2019-05-02 Minutes for the CA/Browser Forum Teleconference
May 16, 2019 by Jos PurvisAttendees (in alphabetical order) Antonio Perez (GoDaddy), Ben Wilson (Digicert), Chris Kemmerer (SSL.com), Dean Coclin (Digicert), Devon O’Brien (Google), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), India Donald (US Federal PKI Management Authority), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden (Sectigo), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Callan (Sectigo), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
May 16, 2019 by Jos PurvisAttendees (in alphabetical order) Antonio Perez (GoDaddy), Ben Wilson (Digicert), Chris Kemmerer (SSL.com), Dean Coclin (Digicert), Devon O’Brien (Google), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), India Donald (US Federal PKI Management Authority), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden (Sectigo), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Callan (Sectigo), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
2019-05-02 Minutes of the Server Certificate Working Group
May 16, 2019 by Jos PurvisAttendees (in alphabetical order) Antonio Perez (GoDaddy), Ben Wilson (Digicert), Chris Kemmerer (SSL.com), Dean Coclin (Digicert), Devon O’Brien (Google), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), India Donald (US Federal PKI Management Authority), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden (Sectigo), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Callan (Sectigo), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
May 16, 2019 by Jos PurvisAttendees (in alphabetical order) Antonio Perez (GoDaddy), Ben Wilson (Digicert), Chris Kemmerer (SSL.com), Dean Coclin (Digicert), Devon O’Brien (Google), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), India Donald (US Federal PKI Management Authority), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden (Sectigo), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Callan (Sectigo), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
Minutes of the F2F 46 Meeting in Cupertino, California, 12-14 March 2019
May 3, 2019 by Jos PurvisWG and Subcommittee Meetings (Tuesday March 12, 2019) Call to Order – CA/Browser Forum Meeting Attendees on March 12, 2019: Adam Clark (Visa), Adam Sink (GoDaddy), Arno Fiedler (D-TRUST), Atsushi Inaba (GlobalSign), Bailey Basile (Apple), Ben Wilson (DigiCert), Benjamin Gabriel (DarkMatter), Bruce Morton (Entrust Datacard), Xiaotong Chen (SHECA), Chris Kemmerer (SSL.com), Corey Rasmussen (OATI), JiuQing Cui (SHECA), Curt Spann (Apple), Dave Blunt (Amazon Trust Services), Davut Tokgöz (E-Tugra), Daymion Reynolds (GoDaddy), Dean Coclin (DigiCert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Don Sheehy (CPA Canada), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Eva Van Steenberge (GlobalSign), Fotis Loukos (SSL.com), Frank Corday (SecureTrust), Geoff Keating (Apple), Georgy Sebastian (Amazon Trust Services), Gordon Bock (Microsoft), Hwai-Ling Shan (Chunghwa Telecom Co. Ltd.), Iñigo Barreira (360), Janet Treasure (CPA Canada), Jason Cooper (Microsoft), Jeff Ward (WebTrust/BDO), Jeremy Rowley (DigiCert), Joanna Fox (GoDaddy), Jos Purvis (Cisco), Josselin Allemandou (Dhimyotis (Certigna)), Karina Sirota (Microsoft), Kathleen Wilson (Mozilla), Ken Myers (FPKI), Khadija Amin (Cisco), Leo Grove (SSL.com), Li-Chun Chen (Chunghwa Telecom Co. Ltd.), Matthias Wiedenhorst (ACAB-c / TÜViT), Michelle Coon (OATI), Mike Guenther (SwissSign), Mike Reilly (Microsoft), Nur H. Kuran (E-Tugra), Philippe Bouchet (ACAB’C/LSTI), Renne Rodriguez (Apple), Rich Smith (Sectigo), Robin Alden (Sectigo), Romain Delval (Dhimyotis (Certigna)), Ryan Hurst (Google), Ryan Sleevi (Google), Scott Rea (DarkMatter), Somer Shively (Cisco), Tad Kaburaki (Amazon Trust Services), Tadahiko Ito (Secom), Xingkun Tang (SHECA), Tim Callan (Sectigo), Tim Hollebeek (DigiCert), Tim Shirley (SecureTrust), Trevoli Ponds-White (Amazon Trust Services), VijayaKumar Manjunatha (eMudhra), Wayne Thayer (Mozilla), Wei Yicai (GDCA), Xiu Lei (GDCA), Yuu Hidaka (Secom), Zane Lewiston (Microsoft), Zhihui Liang (360).
May 3, 2019 by Jos PurvisWG and Subcommittee Meetings (Tuesday March 12, 2019) Call to Order – CA/Browser Forum Meeting Attendees on March 12, 2019: Adam Clark (Visa), Adam Sink (GoDaddy), Arno Fiedler (D-TRUST), Atsushi Inaba (GlobalSign), Bailey Basile (Apple), Ben Wilson (DigiCert), Benjamin Gabriel (DarkMatter), Bruce Morton (Entrust Datacard), Xiaotong Chen (SHECA), Chris Kemmerer (SSL.com), Corey Rasmussen (OATI), JiuQing Cui (SHECA), Curt Spann (Apple), Dave Blunt (Amazon Trust Services), Davut Tokgöz (E-Tugra), Daymion Reynolds (GoDaddy), Dean Coclin (DigiCert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Don Sheehy (CPA Canada), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Eva Van Steenberge (GlobalSign), Fotis Loukos (SSL.com), Frank Corday (SecureTrust), Geoff Keating (Apple), Georgy Sebastian (Amazon Trust Services), Gordon Bock (Microsoft), Hwai-Ling Shan (Chunghwa Telecom Co. Ltd.), Iñigo Barreira (360), Janet Treasure (CPA Canada), Jason Cooper (Microsoft), Jeff Ward (WebTrust/BDO), Jeremy Rowley (DigiCert), Joanna Fox (GoDaddy), Jos Purvis (Cisco), Josselin Allemandou (Dhimyotis (Certigna)), Karina Sirota (Microsoft), Kathleen Wilson (Mozilla), Ken Myers (FPKI), Khadija Amin (Cisco), Leo Grove (SSL.com), Li-Chun Chen (Chunghwa Telecom Co. Ltd.), Matthias Wiedenhorst (ACAB-c / TÜViT), Michelle Coon (OATI), Mike Guenther (SwissSign), Mike Reilly (Microsoft), Nur H. Kuran (E-Tugra), Philippe Bouchet (ACAB’C/LSTI), Renne Rodriguez (Apple), Rich Smith (Sectigo), Robin Alden (Sectigo), Romain Delval (Dhimyotis (Certigna)), Ryan Hurst (Google), Ryan Sleevi (Google), Scott Rea (DarkMatter), Somer Shively (Cisco), Tad Kaburaki (Amazon Trust Services), Tadahiko Ito (Secom), Xingkun Tang (SHECA), Tim Callan (Sectigo), Tim Hollebeek (DigiCert), Tim Shirley (SecureTrust), Trevoli Ponds-White (Amazon Trust Services), VijayaKumar Manjunatha (eMudhra), Wayne Thayer (Mozilla), Wei Yicai (GDCA), Xiu Lei (GDCA), Yuu Hidaka (Secom), Zane Lewiston (Microsoft), Zhihui Liang (360).
2019-04-18 Minutes of the Server Certificate Working Group
May 3, 2019 by Jos PurvisAttendees (in alphabetical order) Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi (Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
May 3, 2019 by Jos PurvisAttendees (in alphabetical order) Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi (Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
2019-04-18 Minutes for the CA/Browser Forum Teleconference
May 3, 2019 by Jos PurvisAttendees (in alphabetical order) Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi (Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
May 3, 2019 by Jos PurvisAttendees (in alphabetical order) Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi (Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
Ballot SC018: Phone Contact with DNS CAA Phone Contact
May 1, 2019 by Wayne ThayerThe voting period for Ballot SC18 has ended and the Ballot has Failed. Here are the results: Voting by Certificate Issuers – 10 votes total including abstentions 1 Yes vote: Comsign 9 No votes: Certum (Asseco), Chunghwa Telecom, DarkMatter, DigiCert, eMudhra, Entrust Datacard, GlobalSign, Kamu SM, TrustCor **0 Abstain: ** 10% of voting Certificate Issuers voted in favor. Voting by Certificate Consumers – 1 vote total including abstentions 0 Yes votes:
May 1, 2019 by Wayne ThayerThe voting period for Ballot SC18 has ended and the Ballot has Failed. Here are the results: Voting by Certificate Issuers – 10 votes total including abstentions 1 Yes vote: Comsign 9 No votes: Certum (Asseco), Chunghwa Telecom, DarkMatter, DigiCert, eMudhra, Entrust Datacard, GlobalSign, Kamu SM, TrustCor **0 Abstain: ** 10% of voting Certificate Issuers voted in favor. Voting by Certificate Consumers – 1 vote total including abstentions 0 Yes votes: