CA/Browser Forum posts
2018-11-29 Minutes for Server Certificate Working Group Teleconference
November 29, 2018 by Ben WilsonAttendees (in alphabetical order) Anna Weinberg (Apple), Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Julie Olson (Globalsign), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Marcelo Silva (Visa), Michelle Coon (OATI), Neil Dunbar (TrustCor Systems), Peter Miskovic (Disig), Ryan Sleevi (Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Hollebeek (Digicert), Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla).
November 29, 2018 by Ben WilsonAttendees (in alphabetical order) Anna Weinberg (Apple), Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Julie Olson (Globalsign), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Marcelo Silva (Visa), Michelle Coon (OATI), Neil Dunbar (TrustCor Systems), Peter Miskovic (Disig), Ryan Sleevi (Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Hollebeek (Digicert), Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla).
2018-11-15 Minutes of the CA/Browser Forum
November 15, 2018 by Jos PurvisAttendees (in alphabetical order) Anna Weinberg (Apple), Arno Fiedler (D-TRUST), Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Leo Grove (SSL.com), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Rich Smith (Sectigo), Robin Alden (Sectigo), Tim Callan (Sectigo), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
November 15, 2018 by Jos PurvisAttendees (in alphabetical order) Anna Weinberg (Apple), Arno Fiedler (D-TRUST), Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Leo Grove (SSL.com), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Rich Smith (Sectigo), Robin Alden (Sectigo), Tim Callan (Sectigo), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
2018-11-15 Minutes of the Server Certificate Working Group
November 15, 2018 by Jos PurvisAttendees (in alphabetical order) Anna Weinberg (Apple), Arno Fiedler (D-TRUST), Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Leo Grove (SSL.com), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Rich Smith (Sectigo), Robin Alden (Sectigo), Tim Callan (Sectigo), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
November 15, 2018 by Jos PurvisAttendees (in alphabetical order) Anna Weinberg (Apple), Arno Fiedler (D-TRUST), Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Leo Grove (SSL.com), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Rich Smith (Sectigo), Robin Alden (Sectigo), Tim Callan (Sectigo), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
Ballot SC012: Sunset of Underscores in dNSNames
November 12, 2018 by Wayne ThayerThe voting period for Ballot SC12 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 23 votes total including abstentions 20 Yes votes: Actalis, Amazon, Buypass, Camerfirma, Certum (Asseco), Sectigo (former Comodo CA), D-TRUST, DigiCert, Digidentity, DocuSign France, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, QuoVadis, SHECA, SSL.com, TWCA, Trustwave 2 No votes: Chunghwa Telecom, Entrust Datacard 1 Abstain: TrustCor 91% of voting Certificate Issuers voted in favor.
November 12, 2018 by Wayne ThayerThe voting period for Ballot SC12 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 23 votes total including abstentions 20 Yes votes: Actalis, Amazon, Buypass, Camerfirma, Certum (Asseco), Sectigo (former Comodo CA), D-TRUST, DigiCert, Digidentity, DocuSign France, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, QuoVadis, SHECA, SSL.com, TWCA, Trustwave 2 No votes: Chunghwa Telecom, Entrust Datacard 1 Abstain: TrustCor 91% of voting Certificate Issuers voted in favor.
Ballot SC004: CAA Contact Property and Associated E-mail Validation Method
November 6, 2018 by Jos PurvisThis ballot was in the review period for more than 21 days and voting did not start. According to section 2.3c of the Bylaws, the ballot has failed. Purpose of Ballot: Increasingly, contact information is not available in WHOIS due to concerns about potential GDPR violations. This ballot specifies a method by which domain holders can publish their contact information via DNS, and how CAs can use that information for validating domain control.
November 6, 2018 by Jos PurvisThis ballot was in the review period for more than 21 days and voting did not start. According to section 2.3c of the Bylaws, the ballot has failed. Purpose of Ballot: Increasingly, contact information is not available in WHOIS due to concerns about potential GDPR violations. This ballot specifies a method by which domain holders can publish their contact information via DNS, and how CAs can use that information for validating domain control.
2018-11-01 Minutes of the Server Certificate Working Group
November 1, 2018 by Jos PurvisAttendees (in alphabetical order) Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom Co. Ltd.), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Ryan Sleevi (Google), Shelley Brewer (Digicert), Tim Callan (Comodo CA –> Sectigo), Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
November 1, 2018 by Jos PurvisAttendees (in alphabetical order) Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom Co. Ltd.), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Ryan Sleevi (Google), Shelley Brewer (Digicert), Tim Callan (Comodo CA –> Sectigo), Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
2018-Nov-01 Minutes of CA/Browser Forum
November 1, 2018 by Jos PurvisAttendees (in alphabetical order) Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom Co. Ltd.), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Ryan Sleevi (Google), Shelley Brewer (Digicert), Tim Callan (Comodo CA –> Sectigo), Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
November 1, 2018 by Jos PurvisAttendees (in alphabetical order) Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom Co. Ltd.), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Ryan Sleevi (Google), Shelley Brewer (Digicert), Tim Callan (Comodo CA –> Sectigo), Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
Minutes of the F2F 45 Meeting in Shanghai, China, 17-18 October 2018
October 18, 2018 by Jos PurvisDay One – 17 October 2018 Attendees on October 17, 2018: Iñigo Barreira, 360; Richard Wang, 360 Group; Billy Qin, 360 Group; Danny Wu, 360 Group; Clemens Wanko, ACAB’c; Phillipe Bouchet, ACAB’c; Trevoli Ponds-White, Amazon Trust Services; Xiaosi Li, Amazon Trust Services; Geoff Keating, Apple; Paul Yang, BaishanCloud / OpenSSL; Franck Leroy, Certinomis (Docapost); Aleksandra Kapinos, Certum; Wojciech Trapczyński, Certum; Yi Zhang, CFCA; Jonathan Sun, CFCA; Ivy Xu, CFCA; J.P. Hamilton, Cisco; Jos Purvis, Cisco; Robin Alden, Comodo CA; Tony K.F. Chan, Deloitte China (Beijing); Jesse Yun He Wang, Deloitte China (Beijing); Putzy De Wei Lu, Deloitte China (Beijing); Peter Koo, Deloitte China (Hong Kong); Ben Wilson, DigiCert; Tim Hollebeek, DigiCert; Arno Fiedler, D-TRUST; Enrico Entschew, D-TRUST; Vijayakumar (Vijay) Manjunatha, eMudhra Technologies Limited; Kirk Hall, Entrust Datacard; Bruce Morton, Entrust Datacard; Chris Bailey, Entrust Datacard; Ken Myers, Federal PKI; Wei Yicai, GDCA; Zhang Yongqiang, GDCA; Wang Chunlan, GDCA; Xiu Lei, GDCA; Atsushi Inaba, GlobalSign; Doug Beattie, GlobalSign; Daymion Reynolds, GoDaddy; Adam Sink, GoDaddy; Devon O’Brien, Google; Ryan Sleevi, Google; Ryan Hurst, Google; Dimitris Zacharopoulos, HARICA; Xu Jiang 徐江, Huace Network Security Cert. Auth.; Zhang Yong, Huace Network Security Cert. Auth.; Rachel Gao, Huace Network Security Cert. Auth.; Mike Reilly, Microsoft; Gordon Bock, Microsoft; Wayne Thayer, Mozilla; Tomasz Nowak, Opera; Albert L. Lam, PwC; Freeman Guo, PwC; Tadahiko Ito, SECOM; Cui Jiuqiang, SHECA; Dai Yeqi, SHECA; William Luo, ShenZhen Digital Certificate Authority Center Co., Ltd; Zheng Huitao, ShenZhen Digital Certificate Authority Center Co., Ltd; Fotis Loukos, SSL.com; Leo Grove, SSL.com; Matthias Bartholdi, SwissSign; Edwin Zhai, TrustAsia Technologies, Inc.; Jack Zhang, TrustAsia Technologies, Inc.; Frank Corday, Trustwave; Jeff Ward, WebTrust/BDO; Don Sheehy, WebTrust/CPA Canada.
October 18, 2018 by Jos PurvisDay One – 17 October 2018 Attendees on October 17, 2018: Iñigo Barreira, 360; Richard Wang, 360 Group; Billy Qin, 360 Group; Danny Wu, 360 Group; Clemens Wanko, ACAB’c; Phillipe Bouchet, ACAB’c; Trevoli Ponds-White, Amazon Trust Services; Xiaosi Li, Amazon Trust Services; Geoff Keating, Apple; Paul Yang, BaishanCloud / OpenSSL; Franck Leroy, Certinomis (Docapost); Aleksandra Kapinos, Certum; Wojciech Trapczyński, Certum; Yi Zhang, CFCA; Jonathan Sun, CFCA; Ivy Xu, CFCA; J.P. Hamilton, Cisco; Jos Purvis, Cisco; Robin Alden, Comodo CA; Tony K.F. Chan, Deloitte China (Beijing); Jesse Yun He Wang, Deloitte China (Beijing); Putzy De Wei Lu, Deloitte China (Beijing); Peter Koo, Deloitte China (Hong Kong); Ben Wilson, DigiCert; Tim Hollebeek, DigiCert; Arno Fiedler, D-TRUST; Enrico Entschew, D-TRUST; Vijayakumar (Vijay) Manjunatha, eMudhra Technologies Limited; Kirk Hall, Entrust Datacard; Bruce Morton, Entrust Datacard; Chris Bailey, Entrust Datacard; Ken Myers, Federal PKI; Wei Yicai, GDCA; Zhang Yongqiang, GDCA; Wang Chunlan, GDCA; Xiu Lei, GDCA; Atsushi Inaba, GlobalSign; Doug Beattie, GlobalSign; Daymion Reynolds, GoDaddy; Adam Sink, GoDaddy; Devon O’Brien, Google; Ryan Sleevi, Google; Ryan Hurst, Google; Dimitris Zacharopoulos, HARICA; Xu Jiang 徐江, Huace Network Security Cert. Auth.; Zhang Yong, Huace Network Security Cert. Auth.; Rachel Gao, Huace Network Security Cert. Auth.; Mike Reilly, Microsoft; Gordon Bock, Microsoft; Wayne Thayer, Mozilla; Tomasz Nowak, Opera; Albert L. Lam, PwC; Freeman Guo, PwC; Tadahiko Ito, SECOM; Cui Jiuqiang, SHECA; Dai Yeqi, SHECA; William Luo, ShenZhen Digital Certificate Authority Center Co., Ltd; Zheng Huitao, ShenZhen Digital Certificate Authority Center Co., Ltd; Fotis Loukos, SSL.com; Leo Grove, SSL.com; Matthias Bartholdi, SwissSign; Edwin Zhai, TrustAsia Technologies, Inc.; Jack Zhang, TrustAsia Technologies, Inc.; Frank Corday, Trustwave; Jeff Ward, WebTrust/BDO; Don Sheehy, WebTrust/CPA Canada.
Ballot Forum-7: Update ETSI requirements in SCWG Charter
October 9, 2018 by Jos PurvisThe voting period for Ballot Forum-7 has ended and the ballot has passed. Here are the results. Voting by CAs – 10 votes total including abstentions 10 Yes votes: Buypass, Certinomis, D-TRUST, Disig, Entrust Datacard, HARICA, Logius PKIoverheid, QuoVadis, SSC 0 No votes: 1 Abstain: Visa 100% of voting CAs voted in favor Voting by browsers – 3 votes total including abstentions 3 Yes votes: Microsoft, Mozilla, 360 0 No votes: 0 Abstain: 100% of voting browsers voted in favor
October 9, 2018 by Jos PurvisThe voting period for Ballot Forum-7 has ended and the ballot has passed. Here are the results. Voting by CAs – 10 votes total including abstentions 10 Yes votes: Buypass, Certinomis, D-TRUST, Disig, Entrust Datacard, HARICA, Logius PKIoverheid, QuoVadis, SSC 0 No votes: 1 Abstain: Visa 100% of voting CAs voted in favor Voting by browsers – 3 votes total including abstentions 3 Yes votes: Microsoft, Mozilla, 360 0 No votes: 0 Abstain: 100% of voting browsers voted in favor
Ballot SC010: Establishing the Network Security Subcommittee of the SCWG
October 4, 2018 by Jos PurvisThe voting period for Ballot SC10 has ended and the ballot has passed. Here are the results. Voting by CAs – 18 votes total including abstentions 18 Yes votes: Buypass, Camerfirma, CFCA, Chunghwa Telecom, D-TRUST, DigiCert, Disig, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, HARICA, QuoVadis, SSL.com, TWCA, TrustCor, Trustwave, Visa 0 No votes: 0 Abstain: 100% of voting CAs voted in favor Voting by browsers – 4 votes total including abstentions 4 Yes votes: Cisco, Microsoft, Mozilla, 360 0 No votes: 0 Abstain: 100% of voting browsers voted in favor
October 4, 2018 by Jos PurvisThe voting period for Ballot SC10 has ended and the ballot has passed. Here are the results. Voting by CAs – 18 votes total including abstentions 18 Yes votes: Buypass, Camerfirma, CFCA, Chunghwa Telecom, D-TRUST, DigiCert, Disig, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, HARICA, QuoVadis, SSL.com, TWCA, TrustCor, Trustwave, Visa 0 No votes: 0 Abstain: 100% of voting CAs voted in favor Voting by browsers – 4 votes total including abstentions 4 Yes votes: Cisco, Microsoft, Mozilla, 360 0 No votes: 0 Abstain: 100% of voting browsers voted in favor