CA/Browser Forum posts
Ballot 98 – Public Voting
February 22, 2013 by Ben WilsonBallot 98 – Public Voting (Passed) Motion Gervase Markham made the following motion, and Jeremy Rowley and Kirk Hall endorsed it: Motion begins The CAB Forum wishes to require that the votes of Members on CAB Forum ballots be public information. For avoidance of doubt, a consequence of this change is that the voting information for ballots will be public. Therefore, effective immediately, the CAB Forum Bylaws[0] are updated as follows:
February 22, 2013 by Ben WilsonBallot 98 – Public Voting (Passed) Motion Gervase Markham made the following motion, and Jeremy Rowley and Kirk Hall endorsed it: Motion begins The CAB Forum wishes to require that the votes of Members on CAB Forum ballots be public information. For avoidance of doubt, a consequence of this change is that the voting information for ballots will be public. Therefore, effective immediately, the CAB Forum Bylaws[0] are updated as follows:
Ballot 97 – Prevention of Unknown Certificate Contents
February 21, 2013 by Ben WilsonBallot 97 – Prevention of Unknown Certificate Contents (Passed) Motion Jeremy Rowley made the following motion, and Ryan Hurst and Robin Alden endorsed it: Motion begins Erratum begins A. In Section 10.2.3, after the first paragraph, insert: “The CA SHALL establish and follow a documented procedure for verifying all data requested for inclusion in the Certificate by the Applicant.”
February 21, 2013 by Ben WilsonBallot 97 – Prevention of Unknown Certificate Contents (Passed) Motion Jeremy Rowley made the following motion, and Ryan Hurst and Robin Alden endorsed it: Motion begins Erratum begins A. In Section 10.2.3, after the first paragraph, insert: “The CA SHALL establish and follow a documented procedure for verifying all data requested for inclusion in the Certificate by the Applicant.”
2013-02-21 Minutes
February 21, 2013 by Ben WilsonNotes of meeting CAB Forum 21 February 2013 Version 1 Present: Phill Hallam-Baker, Ben Wilson, Atsushi Inaba, Ryan Koski, Eddy Nigg, Gerv Markham, Wayne Thayer, Sara Morris, Dean Coclin, Paul Lambert, Atilla Biler, Rich Smith, Mads Henriksveen, Sissel Hoel, Mert Ozarar, Jeremy Rowley, Stephen Davidson, Tom Albertson, Agenda Review The agenda was reviewed and Item 6 (Wi-Fi Alliance) was moved forward to Agenda Item 4. Approval of the Minutes of 24 January 2013. The minutes of 24 January 2013 were approved as published.
February 21, 2013 by Ben WilsonNotes of meeting CAB Forum 21 February 2013 Version 1 Present: Phill Hallam-Baker, Ben Wilson, Atsushi Inaba, Ryan Koski, Eddy Nigg, Gerv Markham, Wayne Thayer, Sara Morris, Dean Coclin, Paul Lambert, Atilla Biler, Rich Smith, Mads Henriksveen, Sissel Hoel, Mert Ozarar, Jeremy Rowley, Stephen Davidson, Tom Albertson, Agenda Review The agenda was reviewed and Item 6 (Wi-Fi Alliance) was moved forward to Agenda Item 4. Approval of the Minutes of 24 January 2013. The minutes of 24 January 2013 were approved as published.
Ballot 96 – Wildcard Certificates and New gTLDs
February 20, 2013 by Ben WilsonBallot 96 – Wildcard Certificates and New gTLDs (Passed) Motion
February 20, 2013 by Ben WilsonBallot 96 – Wildcard Certificates and New gTLDs (Passed) Motion
Guidance on the Deprecation of Internal Server Names and Reserved IP Addresses
February 4, 2013 by Ben WilsonThis document explains the changes to Certification Authority support for internal server names and reserved IP dddresses and the reasons behind the new rules that were introduced in the Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates, Version 1.0 that took effect effect on July 1, 2012: Guidance on the Deprecation of Internal Server Names and Reserved IP Addresses
February 4, 2013 by Ben WilsonThis document explains the changes to Certification Authority support for internal server names and reserved IP dddresses and the reasons behind the new rules that were introduced in the Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates, Version 1.0 that took effect effect on July 1, 2012: Guidance on the Deprecation of Internal Server Names and Reserved IP Addresses
2013-01-24 Minutes
January 24, 2013 by Ben WilsonNotes of meeting CAB Forum 24 January 2013 Version 1 Present: Ben Wilson, Atsushi Inaba, Mads Henriksveen, Sissel Hoel, Eddy Nigg, Rich Smith, Ryan Koski, Ryan Sleevi, Gerv Markham, Simon Labram, Kirk Hall, Jeremy Rowley, Wayne Thayer, Rick Andrews, Brad Hill, Stephen Davidson, Robin Alden, Mert Ozarar, Phill Hallam-Baker Agenda Review: the agenda was reviewed. Approve Minutes of 10 January 2013: The minutes of 10 January 2013 were approved subject to factual corrections made by Turktrust.
January 24, 2013 by Ben WilsonNotes of meeting CAB Forum 24 January 2013 Version 1 Present: Ben Wilson, Atsushi Inaba, Mads Henriksveen, Sissel Hoel, Eddy Nigg, Rich Smith, Ryan Koski, Ryan Sleevi, Gerv Markham, Simon Labram, Kirk Hall, Jeremy Rowley, Wayne Thayer, Rick Andrews, Brad Hill, Stephen Davidson, Robin Alden, Mert Ozarar, Phill Hallam-Baker Agenda Review: the agenda was reviewed. Approve Minutes of 10 January 2013: The minutes of 10 January 2013 were approved subject to factual corrections made by Turktrust.
2013-01-10 Minutes
January 10, 2013 by Ben WilsonNotes of meeting CAB Forum 10 January 2013 Present: Maarten Van Horenbeeck, Stephen McHenry, Atsushi Inaba, Ryan Koski, Gerv Markham, Brad Hill, Dean Coclin, Rick Andrews, Robin Alden, Mert Ozarar, Atilla Biler, Cagdas Funda, Jeremy Rowley, Eddy Nigg, Sissel Hoel, Ryan Sleevi, Steve Roylance, and Kirk Hall. Agenda Review: the agenda was reviewed and Ben mentioned that Phill Hallam-Baker had contacted him previously to make sure that CAA was discussed, and he thought it could occur later after the discussion of Turktrust. Phill was not on the call, but joined near the end of the call, and we discussed CAA under Item 9. Other Business.
January 10, 2013 by Ben WilsonNotes of meeting CAB Forum 10 January 2013 Present: Maarten Van Horenbeeck, Stephen McHenry, Atsushi Inaba, Ryan Koski, Gerv Markham, Brad Hill, Dean Coclin, Rick Andrews, Robin Alden, Mert Ozarar, Atilla Biler, Cagdas Funda, Jeremy Rowley, Eddy Nigg, Sissel Hoel, Ryan Sleevi, Steve Roylance, and Kirk Hall. Agenda Review: the agenda was reviewed and Ben mentioned that Phill Hallam-Baker had contacted him previously to make sure that CAA was discussed, and he thought it could occur later after the discussion of Turktrust. Phill was not on the call, but joined near the end of the call, and we discussed CAA under Item 9. Other Business.
2012-12-06 Minutes
December 6, 2012 by Ben WilsonNotes of meeting CAB Forum 6 December 2012 Version 1 Present: Rick Andrews, Ben Wilson, Kirk Hall, Yngve Pettersen, Atsushi Inaba, Eddy Nigg, Jeremy Rowley, Dean Coclin, Mads Henriksveen, Sissel Hoel, Wayne Thayer, Ryan Koski, Ryan Sleevi, Geoff Keating, Gerv Markham, Rich Smith, and Håvard Molland. Agenda Review: the agenda was reviewed. Approve Minutes of 19 Nov 2012: The minutes of 19 November 2012 were approved as published. Report on ETSI CA Day: Among those in attendance were Yngve, Ben, Robin, Mads, Sissel, Iñigo, Dean, Tom, Arno, Nick Pope, Steve R., Tony Nagel, Moudrick, and several others. During CA Day, Dean, Ben and Robin provided an update on the implementation of the Baseline Requirements. One of the main topics during CA Day was CA auditing, and Nick Pope, Iñigo, Arno, and Christoph Sutter updated attendees on CA auditing and the work of ETSI STFs. (See Arno’s email dated 18-Dec-2012.) Representatives of the European Commission explained the proposed update of regulations concerning the 1999 Electronic Signature Directive (1999/93/EC). The main purpose of the regulations is to remove legal barriers to cross-border transactions (see this document), but it might also include an initiative to regulate SSL certificates. The approach would be to recognize EV certificates as “qualified website authentication certificates” IF the issuer is subject to member state supervision. Ben said he had reviewed the draft regulation (this link) and that it did not go into those specific details. Ben also reported that several CAs in the meeting questioned the efficacy of that solution because there would not be any further browser enhancement of trust displays for such certificates. He also said that he had suggested that EV could be used as a standalone solution and that the EC should tailor a separate solution around the perceived problem, whatever it is that they are trying to solve, e.g. Diginotar, etc.
December 6, 2012 by Ben WilsonNotes of meeting CAB Forum 6 December 2012 Version 1 Present: Rick Andrews, Ben Wilson, Kirk Hall, Yngve Pettersen, Atsushi Inaba, Eddy Nigg, Jeremy Rowley, Dean Coclin, Mads Henriksveen, Sissel Hoel, Wayne Thayer, Ryan Koski, Ryan Sleevi, Geoff Keating, Gerv Markham, Rich Smith, and Håvard Molland. Agenda Review: the agenda was reviewed. Approve Minutes of 19 Nov 2012: The minutes of 19 November 2012 were approved as published. Report on ETSI CA Day: Among those in attendance were Yngve, Ben, Robin, Mads, Sissel, Iñigo, Dean, Tom, Arno, Nick Pope, Steve R., Tony Nagel, Moudrick, and several others. During CA Day, Dean, Ben and Robin provided an update on the implementation of the Baseline Requirements. One of the main topics during CA Day was CA auditing, and Nick Pope, Iñigo, Arno, and Christoph Sutter updated attendees on CA auditing and the work of ETSI STFs. (See Arno’s email dated 18-Dec-2012.) Representatives of the European Commission explained the proposed update of regulations concerning the 1999 Electronic Signature Directive (1999/93/EC). The main purpose of the regulations is to remove legal barriers to cross-border transactions (see this document), but it might also include an initiative to regulate SSL certificates. The approach would be to recognize EV certificates as “qualified website authentication certificates” IF the issuer is subject to member state supervision. Ben said he had reviewed the draft regulation (this link) and that it did not go into those specific details. Ben also reported that several CAs in the meeting questioned the efficacy of that solution because there would not be any further browser enhancement of trust displays for such certificates. He also said that he had suggested that EV could be used as a standalone solution and that the EC should tailor a separate solution around the perceived problem, whatever it is that they are trying to solve, e.g. Diginotar, etc.
CA/Browser Forum adopts Bylaws
November 23, 2012 by Ben WilsonOn November 23, 2012, the CA/Browser Forum adopted its first formal bylaws that document and update the forum’s rules of governance, including rules for public participation in the forum’s activities.
November 23, 2012 by Ben WilsonOn November 23, 2012, the CA/Browser Forum adopted its first formal bylaws that document and update the forum’s rules of governance, including rules for public participation in the forum’s activities.