CA/Browser Forum posts
2014-05-01 Minutes
May 1, 2014 by Ben WilsonNotes of meeting, CAB Forum, 1 May 2014, Version 2 1. Antitrust Statement
May 1, 2014 by Ben WilsonNotes of meeting, CAB Forum, 1 May 2014, Version 2 1. Antitrust Statement
Turktrust Statement on Root CA Recognition Process
April 17, 2014 by Ben WilsonAs a member of the CA/Browser Forum, we want to share our experiences with trying to overcome hurdles with trust anchor programs during recognition processes. This is not a complaint issue, we just want to discuss it and open to any kind of advice. Oracle is not a member of the Forum, yet we want to mention that we have spent a lot of efforts to complete the application form. The only answer was that we had been rejected without giving any reason. They have said please apply 6 months later. We have asked for the reasons of rejection and what kind of improvements should we make to be successful. Simply, there was no response.
April 17, 2014 by Ben WilsonAs a member of the CA/Browser Forum, we want to share our experiences with trying to overcome hurdles with trust anchor programs during recognition processes. This is not a complaint issue, we just want to discuss it and open to any kind of advice. Oracle is not a member of the Forum, yet we want to mention that we have spent a lot of efforts to complete the application form. The only answer was that we had been rejected without giving any reason. They have said please apply 6 months later. We have asked for the reasons of rejection and what kind of improvements should we make to be successful. Simply, there was no response.
2014-04-17 Minutes
April 17, 2014 by Ben WilsonNotes of meeting, CAB Forum, 17 April 2014, Version 1 1. Antitrust Statement – read by Ben.
April 17, 2014 by Ben WilsonNotes of meeting, CAB Forum, 17 April 2014, Version 1 1. Antitrust Statement – read by Ben.
WebTrust Releases New Audit Criteria for Extended Validation and Baseline Requirements
April 5, 2014 by Ben WilsonOn April 3, 2014, the WebTrust® Task Force of the American Institute of CPAs (AICPA) and Chartered Professional Accountants Canada (CPA Canada) released three new audit criteria documents to the CA/Browser Forum and others for review and/or implementation. These documents are part of the WebTrust Program for Certification Authorities and are based on the CA/Browser Forum Guidelines. The Trust Services Principles and Criteria for Certification Authorities – Extended Validation SSL – Version 1.4.5 is based on the Forum’s Guidelines for the Issuance and Management of Extended Validation SSL Certificates – Version 1.4.5 and is effective immediately (3 April 2014).
April 5, 2014 by Ben WilsonOn April 3, 2014, the WebTrust® Task Force of the American Institute of CPAs (AICPA) and Chartered Professional Accountants Canada (CPA Canada) released three new audit criteria documents to the CA/Browser Forum and others for review and/or implementation. These documents are part of the WebTrust Program for Certification Authorities and are based on the CA/Browser Forum Guidelines. The Trust Services Principles and Criteria for Certification Authorities – Extended Validation SSL – Version 1.4.5 is based on the Forum’s Guidelines for the Issuance and Management of Extended Validation SSL Certificates – Version 1.4.5 and is effective immediately (3 April 2014).
Ballot 112 – Replace Definition of “Internal Server Name” with “Internal Name”(passed)
April 3, 2014 by Ben WilsonBallot 112 – Replace Definition of “Internal Server Name” with “Internal Name” Votes in Favor: ANF, Buypass, Comodo, DigiCert, Disig, FirmaProfesional, GlobalSign, GoDaddy, Logius PKIoverheid, QuoVadis, Sertifitseerimiskeskus, SSC, StartCom, SwissSign, Symantec,Trend Micro, Trustis, TURKTRUST, TAIWAN-CA, WoSign, Mozilla and Google No abstentions or nay votes. Ballot passed. The current definition of Internal Server Name is ambiguous. It reads, “A Server Name (which may or may not include an Unregistered Domain Name) that is not resolvable using the public DNS.”
April 3, 2014 by Ben WilsonBallot 112 – Replace Definition of “Internal Server Name” with “Internal Name” Votes in Favor: ANF, Buypass, Comodo, DigiCert, Disig, FirmaProfesional, GlobalSign, GoDaddy, Logius PKIoverheid, QuoVadis, Sertifitseerimiskeskus, SSC, StartCom, SwissSign, Symantec,Trend Micro, Trustis, TURKTRUST, TAIWAN-CA, WoSign, Mozilla and Google No abstentions or nay votes. Ballot passed. The current definition of Internal Server Name is ambiguous. It reads, “A Server Name (which may or may not include an Unregistered Domain Name) that is not resolvable using the public DNS.”
2014-04-03 Minutes
April 3, 2014 by Ben WilsonMinutes of 3 April 2014 1. Antitrust Statement – read by Dean.
April 3, 2014 by Ben WilsonMinutes of 3 April 2014 1. Antitrust Statement – read by Dean.
CA/Browser Forum Revises Bylaws for Associate Members
March 25, 2014 by Ben WilsonCA/Browser Forum Revises Bylaws for Associate Members On March 25, 2014, the CA/Browser Forum adopted version 1.1 of its bylaws to recognize its long-standing relationships, industry liaisons, and involvement of other organizations in the Forum’s activities. These have included the AICPA/CICA WebTrust Task Force, the European Telecommunications Standards Institute, and several other organizations. A copy of these new bylaws is now posted on the Bylaws page of the Forum’s site.
March 25, 2014 by Ben WilsonCA/Browser Forum Revises Bylaws for Associate Members On March 25, 2014, the CA/Browser Forum adopted version 1.1 of its bylaws to recognize its long-standing relationships, industry liaisons, and involvement of other organizations in the Forum’s activities. These have included the AICPA/CICA WebTrust Task Force, the European Telecommunications Standards Institute, and several other organizations. A copy of these new bylaws is now posted on the Bylaws page of the Forum’s site.
Ballot 119 – Remove “OfIncorporation” from OID descriptions in EVG 9.2.5(passed)
March 24, 2014 by Ben WilsonBallot 119 – Remove “OfIncorporation” from OID descriptions in EVG 9.2.5 Yea: ANF, Certinomis, Comodo, DigiCert, GlobalSign, Izenpe, Logius PKIoverheid, OpenTrust, QuoVadis, SECOM Trust, SSC, StartCom, Symantec, Trend Micro, Trustis, WoSign, Google, Microsoft, and Mozilla. Nay: None Abstain: None Result: Ballot passed Rob Stradling of Comodo made the following motion, and Ben Wilson from DigiCert and Chema López González from AC Firmaprofesional S.A. have endorsed it. The EV Guidelines require certificates to include the jurisdiction where the Subject has registered or incorporated. Subsection 9.2.5 of the EV Guidelines is titled, “Subject Jurisdiction of Incorporation or Registration Field”. However, the OID names provided in that section use the string “OfIncorporation”, which is overly specific and might be considered misleading, because not all business entities with EV certificates are corporations. Therefore, the string “OfIncorporation” should be deleted from these OID names.
March 24, 2014 by Ben WilsonBallot 119 – Remove “OfIncorporation” from OID descriptions in EVG 9.2.5 Yea: ANF, Certinomis, Comodo, DigiCert, GlobalSign, Izenpe, Logius PKIoverheid, OpenTrust, QuoVadis, SECOM Trust, SSC, StartCom, Symantec, Trend Micro, Trustis, WoSign, Google, Microsoft, and Mozilla. Nay: None Abstain: None Result: Ballot passed Rob Stradling of Comodo made the following motion, and Ben Wilson from DigiCert and Chema López González from AC Firmaprofesional S.A. have endorsed it. The EV Guidelines require certificates to include the jurisdiction where the Subject has registered or incorporated. Subsection 9.2.5 of the EV Guidelines is titled, “Subject Jurisdiction of Incorporation or Registration Field”. However, the OID names provided in that section use the string “OfIncorporation”, which is overly specific and might be considered misleading, because not all business entities with EV certificates are corporations. Therefore, the string “OfIncorporation” should be deleted from these OID names.
Ballot 117 – EV Code Signing Guidelines Corrections(passed)
March 24, 2014 by Ben WilsonBallot 117 – EV Code Signing Guidelines Corrections Yea: ANF, Certinomis, DigiCert, GlobalSign, Izenpe, Logius PKIoverheid, OpenTrust, QuoVadis, SECOM Trust, SSC, StartCom, Symantec, Trend Micro, Trustis, WoSign, Microsoft, and Mozilla. Nay: Comodo, Network Solutions, and Google. Abstain: Buypass Results: Ballot passed Updated version is posted here on the EV Code Signing page. Jeremy Rowley of DigiCert made the following motion, and Iñigo Barreira of Izenpe and Rick Andrews of Symantec endorsed it.
March 24, 2014 by Ben WilsonBallot 117 – EV Code Signing Guidelines Corrections Yea: ANF, Certinomis, DigiCert, GlobalSign, Izenpe, Logius PKIoverheid, OpenTrust, QuoVadis, SECOM Trust, SSC, StartCom, Symantec, Trend Micro, Trustis, WoSign, Microsoft, and Mozilla. Nay: Comodo, Network Solutions, and Google. Abstain: Buypass Results: Ballot passed Updated version is posted here on the EV Code Signing page. Jeremy Rowley of DigiCert made the following motion, and Iñigo Barreira of Izenpe and Rick Andrews of Symantec endorsed it.
Ballot 116 – Bylaw Amendment for Associate Member Category(passed)
March 24, 2014 by Ben WilsonBallot 116 – Associate Member Category Yea: ANF, Certinomis, DigiCert, GlobalSign, Izenpe, Logius PKIoverheid, OpenTrust, QuoVadis, SECOM Trust, SSC, StartCom, Symantec, Trend Micro, Trustis, WoSign, Microsoft, and Mozilla Nay: None Abstain: None Results: Ballot passed Ben Wilson of DigiCert made the following motion, and Dean Coclin from Symantec and Ryan Sleevi from Google endorsed it: Motion Begins In order to reconcile the CA/Browser Forum’s Bylaws with its current operational practices, including the recognition of Associate Members and the use of a single IPR Agreement with Interested Parties and the absence of a Participation Agreement, the following amendments should be made to the Bylaws:
March 24, 2014 by Ben WilsonBallot 116 – Associate Member Category Yea: ANF, Certinomis, DigiCert, GlobalSign, Izenpe, Logius PKIoverheid, OpenTrust, QuoVadis, SECOM Trust, SSC, StartCom, Symantec, Trend Micro, Trustis, WoSign, Microsoft, and Mozilla Nay: None Abstain: None Results: Ballot passed Ben Wilson of DigiCert made the following motion, and Dean Coclin from Symantec and Ryan Sleevi from Google endorsed it: Motion Begins In order to reconcile the CA/Browser Forum’s Bylaws with its current operational practices, including the recognition of Associate Members and the use of a single IPR Agreement with Interested Parties and the absence of a Participation Agreement, the following amendments should be made to the Bylaws: