CA/Browser Forum posts
Notice of IPR Review Period for EV Amendments Made by Ballots 101 and 104
July 29, 2013 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the EV Guidelines (by Ballots 101 and 104). During this IPR review period you are to review these amendments and consider any licensing obligations with respect to any Essential Claims that may be encompassed by such amendments.
July 29, 2013 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the EV Guidelines (by Ballots 101 and 104). During this IPR review period you are to review these amendments and consider any licensing obligations with respect to any Essential Claims that may be encompassed by such amendments.
Notice of IPR Review Period for BR Amendments Made by Ballots 96, 97, 99, 102 and 105
July 29, 2013 by Ben WilsonThe following changes have been made to the Baseline Requirements since the last Notice of IPR Review Period: Ballot 96 amended sections 11.1.3 and 11.1.4 dealing with Wildcards and new gTLDs. Ballot 97 – Prevention of Unknown Certificate Contents – amended section 10.2.3 and Appendix B and also addressed RFC 5280. Ballot 99 added an allowance for DSA keys to Appendix B Ballot 102 amended section 9.2.3 concerning the use of domainComponents in certificates.
July 29, 2013 by Ben WilsonThe following changes have been made to the Baseline Requirements since the last Notice of IPR Review Period: Ballot 96 amended sections 11.1.3 and 11.1.4 dealing with Wildcards and new gTLDs. Ballot 97 – Prevention of Unknown Certificate Contents – amended section 10.2.3 and Appendix B and also addressed RFC 5280. Ballot 99 added an allowance for DSA keys to Appendix B Ballot 102 amended section 9.2.3 concerning the use of domainComponents in certificates.
2013-07-25 Minutes
July 25, 2013 by Ben WilsonNotes of meeting CAB Forum 25 July 2013 Version 1 Present: Rick Andrews, Kirk Hall, Atsushi Inaba, Ben Wilson, Eddy Nigg, Mads Henriksveen, Sissel Hoel, Dean Coclin, Jeremy Rowley, Ryan Sleevi, Robin Alden, Steve Roylance, Mert Ozarar, Atilla Biler Agenda review: Approved as published. Minutes: Minutes of July 11, 2013 were circulated on July 18, 2013 Ballots: Ballot 103- Ben will fix and recirculate; Ballot 104 – EVG v. 1.4.3 will be circulated; Ballot 105 – so far we have received 13 votes, 11 yes and two abstained. Three of the browser have voted yes. Ballot 106 there have been many comments. Do we want to discuss now? No, we’ll continue discussions on the list. Ballot 107 – Mads needs another endorser. Iñigo said he would endorse with a minor change. Ballot 89 – Rick said he had sent to Tom for review. He’ll follow up when Tom gets back from vacation, but he wants to put it to bed–either put out a new document or get rid of the old one on the web site. Ballot 108 – Jeremy noted that the current Baseline Requirements are not clear on when they apply. He suggests that SSL certificates be defined for purposes of the Baseline Requirements as certificates with the server authentication EKU. Ryan S. wants to ensure that the Baseline Requirements correctly address Intermediate CAs as well. Jeremy agreed and said he would add that in.
July 25, 2013 by Ben WilsonNotes of meeting CAB Forum 25 July 2013 Version 1 Present: Rick Andrews, Kirk Hall, Atsushi Inaba, Ben Wilson, Eddy Nigg, Mads Henriksveen, Sissel Hoel, Dean Coclin, Jeremy Rowley, Ryan Sleevi, Robin Alden, Steve Roylance, Mert Ozarar, Atilla Biler Agenda review: Approved as published. Minutes: Minutes of July 11, 2013 were circulated on July 18, 2013 Ballots: Ballot 103- Ben will fix and recirculate; Ballot 104 – EVG v. 1.4.3 will be circulated; Ballot 105 – so far we have received 13 votes, 11 yes and two abstained. Three of the browser have voted yes. Ballot 106 there have been many comments. Do we want to discuss now? No, we’ll continue discussions on the list. Ballot 107 – Mads needs another endorser. Iñigo said he would endorse with a minor change. Ballot 89 – Rick said he had sent to Tom for review. He’ll follow up when Tom gets back from vacation, but he wants to put it to bed–either put out a new document or get rid of the old one on the web site. Ballot 108 – Jeremy noted that the current Baseline Requirements are not clear on when they apply. He suggests that SSL certificates be defined for purposes of the Baseline Requirements as certificates with the server authentication EKU. Ryan S. wants to ensure that the Baseline Requirements correctly address Intermediate CAs as well. Jeremy agreed and said he would add that in.
2013-07-11 Minutes
July 11, 2013 by Ben WilsonNotes of meeting CAB Forum 11 July 2013 Present: Kirk Hall, Atsushi Inaba, Ben Wilson, Dean Coclin, Rick Andrews, Rich Smith, Eddy Nigg, Geoff Keating, Mads Henriksveen, Wayne Thayer, Jeremy Rowley, Steve Roylance, Gerv Markham, Mert Ozarar, Robin Alden, Phill Hallam Baker, Cornelia Enke Agenda review: The agenda was reviewed. Steve Roylance said he wanted time to discuss technical constraints. Jeremy Rowley said he wanted time to discuss what defines an SSL certificate covered by the Baseline Requirements and convening the working group on EV. Rick would like to see if there is any update on browser vendors using CAA. He said it seems like Google has already implemented it. He asked Geoff whether CAA testing was on the radar for Apple, and Geoff said it was.
July 11, 2013 by Ben WilsonNotes of meeting CAB Forum 11 July 2013 Present: Kirk Hall, Atsushi Inaba, Ben Wilson, Dean Coclin, Rick Andrews, Rich Smith, Eddy Nigg, Geoff Keating, Mads Henriksveen, Wayne Thayer, Jeremy Rowley, Steve Roylance, Gerv Markham, Mert Ozarar, Robin Alden, Phill Hallam Baker, Cornelia Enke Agenda review: The agenda was reviewed. Steve Roylance said he wanted time to discuss technical constraints. Jeremy Rowley said he wanted time to discuss what defines an SSL certificate covered by the Baseline Requirements and convening the working group on EV. Rick would like to see if there is any update on browser vendors using CAA. He said it seems like Google has already implemented it. He asked Geoff whether CAA testing was on the radar for Apple, and Geoff said it was.
Ballot 104 – EV Domain Validation
July 9, 2013 by Ben WilsonBallot 104 – Domain verification for EV Certificates (Passed) Motion Rich Smith of Comodo made the following motion, and Jeremy Rowley from DigiCert and Mads Henriksveen from Buypass endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to reconcile the differences in domain verification specified in the Baseline Requirements and EV Guidelines, clarify language within the EV Guidelines about the right to use a domain name, and permit additional alternatives in verifying domain control or ownership, we propose amending the EV Guidelines as follows:
July 9, 2013 by Ben WilsonBallot 104 – Domain verification for EV Certificates (Passed) Motion Rich Smith of Comodo made the following motion, and Jeremy Rowley from DigiCert and Mads Henriksveen from Buypass endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to reconcile the differences in domain verification specified in the Baseline Requirements and EV Guidelines, clarify language within the EV Guidelines about the right to use a domain name, and permit additional alternatives in verifying domain control or ownership, we propose amending the EV Guidelines as follows:
2013-06-27 Minutes
June 27, 2013 by Ben WilsonNotes of meeting – CAB Forum – 27 June 2013 – Version 2 Present: Rich Smith, Atsushi Inaba, Ben Wilson, Mads Henriksveen, Dean Coclin, Geoff Keating, Jeremy Rowley, Stephen Davidson, Kirk Hall, Robin Alden, Eddy Nigg, Steve Roylance, Kelvin Yiu, Agenda review: Approved as published. Minutes: Approve Minutes of 30 May 2013: Approved for publication. On the minutes from the Munich face-to-face, it was decided that those would be converted from Word to wiki format because it will be easier to edit typos, grammar, etc. in that format. Then we urge everyone to review and edit them as needed to give more clarity if needed. We’ll add a notice to the top of the final version to indicate that the different presentation styles are due to the fact that the notes were taken by different individuals, rather than because of any other reason. A deadline was set for the meeting that follows August 1 at which time they would be presented for approval.
June 27, 2013 by Ben WilsonNotes of meeting – CAB Forum – 27 June 2013 – Version 2 Present: Rich Smith, Atsushi Inaba, Ben Wilson, Mads Henriksveen, Dean Coclin, Geoff Keating, Jeremy Rowley, Stephen Davidson, Kirk Hall, Robin Alden, Eddy Nigg, Steve Roylance, Kelvin Yiu, Agenda review: Approved as published. Minutes: Approve Minutes of 30 May 2013: Approved for publication. On the minutes from the Munich face-to-face, it was decided that those would be converted from Word to wiki format because it will be easier to edit typos, grammar, etc. in that format. Then we urge everyone to review and edit them as needed to give more clarity if needed. We’ll add a notice to the top of the final version to indicate that the different presentation styles are due to the fact that the notes were taken by different individuals, rather than because of any other reason. A deadline was set for the meeting that follows August 1 at which time they would be presented for approval.
Ballot 103 – OCSP AIA and TLS Feature Extension
June 15, 2013 by Ben WilsonThis ballot lacked an endorser.
June 15, 2013 by Ben WilsonThis ballot lacked an endorser.
Minutes of the F2F 29 Meeting in Munich, Germany, 11-13 June 2013
June 11, 2013 by Ben WilsonThese are the consolidated minutes of the Munich Face-to-Face meeting held June 11-12, 2013. Differences in writing/formatting styles are attributable to the fact that the minutes were transcribed by different persons. Opening: Dean Coclin welcomed everyone to Symantec’s offices and reviewed the logistics. Ben Wilson read the antitrust statement. Updates from Browsers and Other News Representatives from Opera, Mozilla, and Microsoft were present.
June 11, 2013 by Ben WilsonThese are the consolidated minutes of the Munich Face-to-Face meeting held June 11-12, 2013. Differences in writing/formatting styles are attributable to the fact that the minutes were transcribed by different persons. Opening: Dean Coclin welcomed everyone to Symantec’s offices and reviewed the logistics. Ben Wilson read the antitrust statement. Updates from Browsers and Other News Representatives from Opera, Mozilla, and Microsoft were present.
Ballot 101 – EV 11.10.2 Accountants
June 7, 2013 by Ben WilsonBallot 101 – Section 11.10.2 of EV Guidelines – Accountant Licensing (Passed) Motion Ryan Koski made the following motion, and Ben Wilson from DigiCert and Rich Smith from Comodo endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to eliminate a conflict in the Extended Validation Guidelines between the definition of Accounting Practitioner in Section 4 (Definitions) mentioning “country” and the specific requirements for verifying the status of Accounting Practitioners in 11.10.2(1)(A) which does not, and to clarify the requirement, we propose amending section 11.10.2 as follows:
June 7, 2013 by Ben WilsonBallot 101 – Section 11.10.2 of EV Guidelines – Accountant Licensing (Passed) Motion Ryan Koski made the following motion, and Ben Wilson from DigiCert and Rich Smith from Comodo endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to eliminate a conflict in the Extended Validation Guidelines between the definition of Accounting Practitioner in Section 4 (Definitions) mentioning “country” and the specific requirements for verifying the status of Accounting Practitioners in 11.10.2(1)(A) which does not, and to clarify the requirement, we propose amending section 11.10.2 as follows:
Ballot 102 – BR 9.2.3 domainComponent
May 31, 2013 by Ben WilsonBallot 102 – BR 9.2.3 domainComponents (Passed) Motion Jeremy Rowley of DigiCert made the following motion, and Robin Alden from Comodo and Geoffrey Keating from Apple endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to conform to requirements of other industry bodies, including the Internet Grid Trust Federation, and to allow the encoding of domain components in certificates that interact with the configurations of some LDAP directories, we propose amending Section 9.2.3 of the Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates as follows:
May 31, 2013 by Ben WilsonBallot 102 – BR 9.2.3 domainComponents (Passed) Motion Jeremy Rowley of DigiCert made the following motion, and Robin Alden from Comodo and Geoffrey Keating from Apple endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to conform to requirements of other industry bodies, including the Internet Grid Trust Federation, and to allow the encoding of domain components in certificates that interact with the configurations of some LDAP directories, we propose amending Section 9.2.3 of the Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates as follows: