CA/Browser Forum posts
2012-09-06 Minutes
September 6, 2012 by Ben WilsonNotes of meeting CAB Forum 6 September 2012 Version 1 Present: Phill Hallam-Baker, Chris Palmer, Ben Wilson, Eddy Nigg, Jeremy Rowley, Simon Labramm, Kirk Hall, Steve Roylance, Wayne Thayer, Atsushi Inaba, Rick Andrews, Rich Smith, Brad Hill, Robin Alden, Geoff Keating, Mads Henriksveen, Patricia Forsyth. Quorum equals 6. Agenda review The agenda was reviewed. Minutes of Meeting 23-Aug-2012 Minutes of 23 August 2012 were approved as published. Ballot status Three items were discussed under this agenda item: (1) abbreviating the voting process for replacement proposals; (2) the adoption/publication of Requirements for the Processing of EV SSL Certificates v.2; and (3) BR Issues 15 and 29.
September 6, 2012 by Ben WilsonNotes of meeting CAB Forum 6 September 2012 Version 1 Present: Phill Hallam-Baker, Chris Palmer, Ben Wilson, Eddy Nigg, Jeremy Rowley, Simon Labramm, Kirk Hall, Steve Roylance, Wayne Thayer, Atsushi Inaba, Rick Andrews, Rich Smith, Brad Hill, Robin Alden, Geoff Keating, Mads Henriksveen, Patricia Forsyth. Quorum equals 6. Agenda review The agenda was reviewed. Minutes of Meeting 23-Aug-2012 Minutes of 23 August 2012 were approved as published. Ballot status Three items were discussed under this agenda item: (1) abbreviating the voting process for replacement proposals; (2) the adoption/publication of Requirements for the Processing of EV SSL Certificates v.2; and (3) BR Issues 15 and 29.
Ballot 87 – Instant Runoff Ballot on Governance
August 31, 2012 by Ben WilsonBallot 87 – Instant Runoff Ballot on Governance Instant Runoff Ballot on Governance Voting by instant-runoff 17 Members Voted
August 31, 2012 by Ben WilsonBallot 87 – Instant Runoff Ballot on Governance Instant Runoff Ballot on Governance Voting by instant-runoff 17 Members Voted
Ballot 85 – Governance Reform
August 24, 2012 by Ben WilsonBallot 85 – Governance Reform (Passed Unanimously) Motion Pursuant to a motion made and approved at the face-to-face meeting of Forum members in Gjovik Norway, the CAB Forum has posted the four (4) governance proposals to , and indicated that one of these governance proposals, or a “no change” proposal, should be adopted by the Forum, by the following voting process: A seven (7) day review period, followed by a vote on this motion;
August 24, 2012 by Ben WilsonBallot 85 – Governance Reform (Passed Unanimously) Motion Pursuant to a motion made and approved at the face-to-face meeting of Forum members in Gjovik Norway, the CAB Forum has posted the four (4) governance proposals to , and indicated that one of these governance proposals, or a “no change” proposal, should be adopted by the Forum, by the following voting process: A seven (7) day review period, followed by a vote on this motion;
2012-08-23 Minutes
August 23, 2012 by Ben WilsonNotes of meeting CAB Forum 23 August 2012 Present: Ben Wilson, Eddy Nigg, Jeremy Rowley, Mads Henriksveen, Sissel Hoel, Atsushi Inaba, Gerv Markham, Rick Andrews, Yngve Pettersen, Rich Smith, Brad Hill, Bill Madell, Robin Alden, Geoff Keating, and Ryan Sleevi. Quorum equals 6. Agenda review The agenda was reviewed. Minutes of Meeting 9-Aug-2012 Minutes of 9 August 2012 were approved as published. Ballot status Ballots 85 and 86 were reviewed. Rich mentioned that if Ballot 86 passes, then the ISO-3166 directorate will need to be notified that the CAB Forum is using the single user-defined country code of “XX” when an official ISO code has not been assigned. On the ballot for BR Issues 15 & 29, Rick noted that he had received comments from Steve Roylance who wanted to (a) disallow non-FQDNs and internal IP addresses in the CN and (b) require that the CA put Org Info in certificates with internal names/IP addresses. Jeremy stated that DigiCert was in support of Steve’s request. Rick said that the second request would require additional engineering, since it wasn’t in the original BRs. Ben said that there was a discussion about this previously, and Jeremy said that a resolution of the issue was postponed and that it is the right time to bring the discussion up again for resolution. It was decided that further discussion on the issue of organizational validation was needed. Rick also noted that the part of the proposal dealing with IDNs raised engineering concerns because Unicode can be tricky. It is not just an issue of confusion caused by mixed character sets, but it also must be screened for mixing of scripts, bi-directional characters, etc. He said it was essential that we identify Unicode libraries in this area because it can be just as susceptible to mistake as crypto, and that is why we have crypto libraries. Brad said he would contact Chris Weber of Casaba Security who has worked on Unicode libraries in this area and see if he has anything to suggest.
August 23, 2012 by Ben WilsonNotes of meeting CAB Forum 23 August 2012 Present: Ben Wilson, Eddy Nigg, Jeremy Rowley, Mads Henriksveen, Sissel Hoel, Atsushi Inaba, Gerv Markham, Rick Andrews, Yngve Pettersen, Rich Smith, Brad Hill, Bill Madell, Robin Alden, Geoff Keating, and Ryan Sleevi. Quorum equals 6. Agenda review The agenda was reviewed. Minutes of Meeting 9-Aug-2012 Minutes of 9 August 2012 were approved as published. Ballot status Ballots 85 and 86 were reviewed. Rich mentioned that if Ballot 86 passes, then the ISO-3166 directorate will need to be notified that the CAB Forum is using the single user-defined country code of “XX” when an official ISO code has not been assigned. On the ballot for BR Issues 15 & 29, Rick noted that he had received comments from Steve Roylance who wanted to (a) disallow non-FQDNs and internal IP addresses in the CN and (b) require that the CA put Org Info in certificates with internal names/IP addresses. Jeremy stated that DigiCert was in support of Steve’s request. Rick said that the second request would require additional engineering, since it wasn’t in the original BRs. Ben said that there was a discussion about this previously, and Jeremy said that a resolution of the issue was postponed and that it is the right time to bring the discussion up again for resolution. It was decided that further discussion on the issue of organizational validation was needed. Rick also noted that the part of the proposal dealing with IDNs raised engineering concerns because Unicode can be tricky. It is not just an issue of confusion caused by mixed character sets, but it also must be screened for mixing of scripts, bi-directional characters, etc. He said it was essential that we identify Unicode libraries in this area because it can be just as susceptible to mistake as crypto, and that is why we have crypto libraries. Brad said he would contact Chris Weber of Casaba Security who has worked on Unicode libraries in this area and see if he has anything to suggest.
CA/Browser Forum adopts Intellectual Property Rights (IPR) policy
August 9, 2012 by Ben WilsonIn order to protect the Intellectual Property of its members, the CA/Browser forum has adopted a IPR policy V1 which has been signed by over 30 companies including the biggest names in the technology industry. The complete list of current members is here: https://cabforum.org/about/membership/members/. The policy and future updates can be found on the IPR Policy page.
August 9, 2012 by Ben WilsonIn order to protect the Intellectual Property of its members, the CA/Browser forum has adopted a IPR policy V1 which has been signed by over 30 companies including the biggest names in the technology industry. The complete list of current members is here: https://cabforum.org/about/membership/members/. The policy and future updates can be found on the IPR Policy page.
2012-08-09 Minutes
August 9, 2012 by Ben WilsonNotes of meeting CAB Forum 9 August 2012 Version 1 Present: Ben Wilson, Eddy Nigg, Jeremy Rowley, Gerv Markham, Sid Stamm, Rick Andrews, Kirk Hall, Dean Coclin, Joe Kaluzny, Chris Bailey, Wayne Thayer, Steve Roylance, Yngve Pettersen, Rich Smith, Brad Hill, Robin Alden, Stephen Davidson, Tom Albertson, Phill Hallam-Baker, Moudrick Dadashov, Ryan Koski, and Geoff Keating. Quorum equals 7. Agenda review The agenda was reviewed. Minutes of Meeting 26-Jul-2012 Minutes of 26 July 2012 were approved as published.
August 9, 2012 by Ben WilsonNotes of meeting CAB Forum 9 August 2012 Version 1 Present: Ben Wilson, Eddy Nigg, Jeremy Rowley, Gerv Markham, Sid Stamm, Rick Andrews, Kirk Hall, Dean Coclin, Joe Kaluzny, Chris Bailey, Wayne Thayer, Steve Roylance, Yngve Pettersen, Rich Smith, Brad Hill, Robin Alden, Stephen Davidson, Tom Albertson, Phill Hallam-Baker, Moudrick Dadashov, Ryan Koski, and Geoff Keating. Quorum equals 7. Agenda review The agenda was reviewed. Minutes of Meeting 26-Jul-2012 Minutes of 26 July 2012 were approved as published.
Ballot 83 – Adopt Network and Certificate System Security Requirements
August 3, 2012 by Ben WilsonOn Ballot 83, there were “YES” votes from nine CAs and two Browsers. There were “NO” votes from four CAs and one Browser. Three CAs abstained. Therefore, Ballot 83 passes with 69% of CAs and 66% of Browsers in favor. Ben Wilson made the following motion, and Bill Madell and Rick Andrews endorsed it: Motion begins As of 1 January 2013 (“Effective Date”), the CA/Browser Forum adopts the “Network and Certificate System Security Requirements” Ballot Draft 1 as Version 1.0. Upon adoption the Ballot Draft shall be assigned a version number of 1.0 and be posted as a Forum Guideline to the cabforum.org Web site.
August 3, 2012 by Ben WilsonOn Ballot 83, there were “YES” votes from nine CAs and two Browsers. There were “NO” votes from four CAs and one Browser. Three CAs abstained. Therefore, Ballot 83 passes with 69% of CAs and 66% of Browsers in favor. Ben Wilson made the following motion, and Bill Madell and Rick Andrews endorsed it: Motion begins As of 1 January 2013 (“Effective Date”), the CA/Browser Forum adopts the “Network and Certificate System Security Requirements” Ballot Draft 1 as Version 1.0. Upon adoption the Ballot Draft shall be assigned a version number of 1.0 and be posted as a Forum Guideline to the cabforum.org Web site.
Forum Discussions are Now Public
August 2, 2012 by Ben WilsonThe CA/Browser Forum has created a public mailing list, intended to be used for normal CA/Browser Forum discussions, which can be read (but not posted to) by interested parties. Visit the list’s web page to sign up.
August 2, 2012 by Ben WilsonThe CA/Browser Forum has created a public mailing list, intended to be used for normal CA/Browser Forum discussions, which can be read (but not posted to) by interested parties. Visit the list’s web page to sign up.