CA/Browser Forum posts
Minutes of the F2F 33 Meeting in Beijing, China, 16-18 September 2014
September 16, 2014 by Ben WilsonMeeting 33 – Beijing ChinaThe antitrust statement was read. Present: Annabel Lewis, Arno Fiedler, Atilla Biler, Atsushi Inaba, Ben Wilson, Blues Lin, Bruce Morton, Cecilia Kam, Chris Bailey, Cui Jiu Qiang, David Chen, Dean Coclin, Don Sheehy, Doug Beattie, Gervase Markham, Haochun Li, Iñigo Barreira, Jeremy Rowley, John Johansen, Kirk Hall, Li-Chun Chen, Moudrick Dadashov, Patricia Forsyth, Richard Wang, Rick Andrews, Ryan Sleevi (by telephone), Tom Albertson, Wayne Thayer, Hanrui Gao (Day 2)
September 16, 2014 by Ben WilsonMeeting 33 – Beijing ChinaThe antitrust statement was read. Present: Annabel Lewis, Arno Fiedler, Atilla Biler, Atsushi Inaba, Ben Wilson, Blues Lin, Bruce Morton, Cecilia Kam, Chris Bailey, Cui Jiu Qiang, David Chen, Dean Coclin, Don Sheehy, Doug Beattie, Gervase Markham, Haochun Li, Iñigo Barreira, Jeremy Rowley, John Johansen, Kirk Hall, Li-Chun Chen, Moudrick Dadashov, Patricia Forsyth, Richard Wang, Rick Andrews, Ryan Sleevi (by telephone), Tom Albertson, Wayne Thayer, Hanrui Gao (Day 2)
Ballot 132 – EV Code Signing Timestamp Validity Period (passed)
September 16, 2014 by Ben WilsonVoting on Ballot 132 (amending the EV Code Signing Timestamp Validity Period) closed 16 September 2014. Voting in favor were: Actalis, Comodo, DigiCert, Disig, Entrust, GlobalSign, GoDaddy, OpenTrust, Symantec, Trend Micro, WoSign, ANF, Certum, Mozilla and Microsoft. There were no votes against and no abstentions. Therefore, Ballot 132 passed. Ballot 132 – EV Code Signing Timestamp Validity Period Rationale for Ballot 132 Ideally, TSA services should be consistent across the multiple services that rely on them (Code Signing, EV Code Signing, AATLs, etc.)
September 16, 2014 by Ben WilsonVoting on Ballot 132 (amending the EV Code Signing Timestamp Validity Period) closed 16 September 2014. Voting in favor were: Actalis, Comodo, DigiCert, Disig, Entrust, GlobalSign, GoDaddy, OpenTrust, Symantec, Trend Micro, WoSign, ANF, Certum, Mozilla and Microsoft. There were no votes against and no abstentions. Therefore, Ballot 132 passed. Ballot 132 – EV Code Signing Timestamp Validity Period Rationale for Ballot 132 Ideally, TSA services should be consistent across the multiple services that rely on them (Code Signing, EV Code Signing, AATLs, etc.)
Ballot 131 – Update to Verified Method of Communication (passed)
September 12, 2014 by Ben WilsonVoting on Ballot 131 (Update to Verified Method of Communication) closed last Friday. Voting in favor were: Actalis, Buypass, Comodo, DigiCert, Disig, Entrust, GlobalSign, GoDaddy, OpenTrust, QuoVadis, SECOM Trust, SSC, StartCom, Symantec, Trend Micro, Trustwave, Trustis, TURKTRUST, WoSign and Mozilla. There were no votes against and no abstentions. Therefore, Ballot 131 passed. Ballot 131 – Update to Verified Method of Communication The EV Guidelines Working Group has revisited Section 11.4 of the EV Guidelines (Applicant’s Physical Existence) and has decided that it is best to split it into two separate sections. Section 11.4.1 would remain as is for “Address of Applicant’s Place of Business.” Section 11.4.2 would be moved to its own section–a new 11.5, and all subsequent section numbers in 11 would be renumbered accordingly. The new Section 11.5 will focus on a verified means for communicating with the organization to be named as the subject in the certificate (to verify the authority of EV roles and ensure that it was appropriately aware of the certificate request).
September 12, 2014 by Ben WilsonVoting on Ballot 131 (Update to Verified Method of Communication) closed last Friday. Voting in favor were: Actalis, Buypass, Comodo, DigiCert, Disig, Entrust, GlobalSign, GoDaddy, OpenTrust, QuoVadis, SECOM Trust, SSC, StartCom, Symantec, Trend Micro, Trustwave, Trustis, TURKTRUST, WoSign and Mozilla. There were no votes against and no abstentions. Therefore, Ballot 131 passed. Ballot 131 – Update to Verified Method of Communication The EV Guidelines Working Group has revisited Section 11.4 of the EV Guidelines (Applicant’s Physical Existence) and has decided that it is best to split it into two separate sections. Section 11.4.1 would remain as is for “Address of Applicant’s Place of Business.” Section 11.4.2 would be moved to its own section–a new 11.5, and all subsequent section numbers in 11 would be renumbered accordingly. The new Section 11.5 will focus on a verified means for communicating with the organization to be named as the subject in the certificate (to verify the authority of EV roles and ensure that it was appropriately aware of the certificate request).
2014-09-04 Minutes
September 4, 2014 by Ben WilsonMinutes of CA/B Forum Teleconference – 4 Sept. 2014 1. Antitrust Statement: Read.
September 4, 2014 by Ben WilsonMinutes of CA/B Forum Teleconference – 4 Sept. 2014 1. Antitrust Statement: Read.
CA/Browser Forum Releases Code Signing Baseline Requirements Public Comment Draft
August 25, 2014 by Ben WilsonIn 2013, the CA/Browser Forum voted to create a Code Signing Working Group whose sole purpose was to come up with a set of Baseline Requirements for the issuance of Code Signing Certificates. The result of that effort is the: Baseline Requirements for Code Signing Certificates, Public Comment Draft (doc) Baseline Requirements for Code Signing Certificates, Public Comment Draft (pdf) Once approved by the CA/B Forum and subsequent audit standards are created, all Certificate Authorities will be obligated to follow these Requirements when issuing and managing code signing certificates.
August 25, 2014 by Ben WilsonIn 2013, the CA/Browser Forum voted to create a Code Signing Working Group whose sole purpose was to come up with a set of Baseline Requirements for the issuance of Code Signing Certificates. The result of that effort is the: Baseline Requirements for Code Signing Certificates, Public Comment Draft (doc) Baseline Requirements for Code Signing Certificates, Public Comment Draft (pdf) Once approved by the CA/B Forum and subsequent audit standards are created, all Certificate Authorities will be obligated to follow these Requirements when issuing and managing code signing certificates.
2014-08-21 Minutes
August 21, 2014 by Ben WilsonNotes of Teleconference – CA/B Forum 21 Aug 2014 Antitrust Statement: Read by Ben.
August 21, 2014 by Ben WilsonNotes of Teleconference – CA/B Forum 21 Aug 2014 Antitrust Statement: Read by Ben.
2014-08-07 Minutes
August 7, 2014 by Ben WilsonMinutes of CA/B Forum Teleconference, 7 August 2014 Antitrust Statement: Read by Ben.
August 7, 2014 by Ben WilsonMinutes of CA/B Forum Teleconference, 7 August 2014 Antitrust Statement: Read by Ben.
Ballot 129 – PSL in BR 11.1.3 (passed)
August 4, 2014 by Ben WilsonVoting on Ballot 129 closed on 4 August 2014. Voting in Favor were: DigiCert, Disig, GlobalSign, GoDaddy, Symantec, Trend Micro, Trustwave, WoSign, and Mozilla. None were opposed and none abstained. Quorum was met and Ballot 129 passed resulting in Baseline_Requirements_V1_1_9. Gerv Markham of Mozilla made the following motion, and Ben Wilson from Digicert and Rick Andrews from Symantec have endorsed it. Reason for Ballot This ballot simply clarifies how to use the “Public Suffix List” (PSL) in Section 11.1.3 of the Baseline Requirements. The explanation in the footnote to section 11.1.3 of the Baseline Requirements about how to use the PSL is ambiguous because the PSL has two sections–the “ICANN DOMAINS” section and the “PRIVATE DOMAINS” section. Therefore, clarification is needed to explain that it is the ICANN DOMAINS section of the PSL that CAs should use.
August 4, 2014 by Ben WilsonVoting on Ballot 129 closed on 4 August 2014. Voting in Favor were: DigiCert, Disig, GlobalSign, GoDaddy, Symantec, Trend Micro, Trustwave, WoSign, and Mozilla. None were opposed and none abstained. Quorum was met and Ballot 129 passed resulting in Baseline_Requirements_V1_1_9. Gerv Markham of Mozilla made the following motion, and Ben Wilson from Digicert and Rick Andrews from Symantec have endorsed it. Reason for Ballot This ballot simply clarifies how to use the “Public Suffix List” (PSL) in Section 11.1.3 of the Baseline Requirements. The explanation in the footnote to section 11.1.3 of the Baseline Requirements about how to use the PSL is ambiguous because the PSL has two sections–the “ICANN DOMAINS” section and the “PRIVATE DOMAINS” section. Therefore, clarification is needed to explain that it is the ICANN DOMAINS section of the PSL that CAs should use.
Ballot 126 – Operational Existence (passed)
July 24, 2014 by Ben WilsonVoting on Ballot 126 closed on 24 July 2014. Voting in favor were Comodo, DigiCert, Network Solutions, QuoVadis, Symantec, Trend Micro, WoSign, and Mozilla. Visa abstained. Quorum was met and Ballot 126 passed, resulting in EV SSL Certificate Guidelines Version 1.5.0. Ballot 126 – Operational Existence Jeremy Rowley of Digicert made the following motion and Cecilia Kam of Symantec and Doug Beattie of GlobalSign have endorsed it:
July 24, 2014 by Ben WilsonVoting on Ballot 126 closed on 24 July 2014. Voting in favor were Comodo, DigiCert, Network Solutions, QuoVadis, Symantec, Trend Micro, WoSign, and Mozilla. Visa abstained. Quorum was met and Ballot 126 passed, resulting in EV SSL Certificate Guidelines Version 1.5.0. Ballot 126 – Operational Existence Jeremy Rowley of Digicert made the following motion and Cecilia Kam of Symantec and Doug Beattie of GlobalSign have endorsed it: