CA/Browser Forum posts
Posts by tag Ballot
Ballot 114 – Improvements to the EV Definitions(passed)
January 28, 2014 by Ben WilsonVoting on Ballot 114 closed on 28 January 2014 with votes cast as follows: Yes: ANF, Buypass, CERTUM, Comodo, DigiCert, GlobalSign, Logius PKIoverheid, QuoVadis, Symantec, Trend Micro, Trustis, TURKTRUST and Mozilla. No: None. Abstain: None. Result: Ballot passes Cecilia Kam from Symantec made the following motion, and Jeremy Rowley from DigiCert and Kirk Hall from Trend Micro endorsed it. This proposal clarifies the definition of Business Entities, Private Organizations, and Incorporating Agencies.
January 28, 2014 by Ben WilsonVoting on Ballot 114 closed on 28 January 2014 with votes cast as follows: Yes: ANF, Buypass, CERTUM, Comodo, DigiCert, GlobalSign, Logius PKIoverheid, QuoVadis, Symantec, Trend Micro, Trustis, TURKTRUST and Mozilla. No: None. Abstain: None. Result: Ballot passes Cecilia Kam from Symantec made the following motion, and Jeremy Rowley from DigiCert and Kirk Hall from Trend Micro endorsed it. This proposal clarifies the definition of Business Entities, Private Organizations, and Incorporating Agencies.
Ballot 115 – Invited Guest to Meeting 31
January 23, 2014 by Ben WilsonMotion by Ben Wilson Endorsed by Symantec and Trend Micro on 1/22/2014 Pursuant to Section 5.4 of the Bylaws, “other persons” may be invited by the Chair in the Chair’s discretion to participate in a CA/Browser Forum Meeting based on a person’s relevant expertise. In light of recent discussion and the proposed Ballot 110, which if endorsed will not complete voting until 6 February 2014, I am proposing that we invite Bruce Morton of Entrust as our Invited Guest during the working group and F2F Meeting 31 from 18-20 February 2014 and that we waive the IPR Agreement requirement for purposes of such invitation.
January 23, 2014 by Ben WilsonMotion by Ben Wilson Endorsed by Symantec and Trend Micro on 1/22/2014 Pursuant to Section 5.4 of the Bylaws, “other persons” may be invited by the Chair in the Chair’s discretion to participate in a CA/Browser Forum Meeting based on a person’s relevant expertise. In light of recent discussion and the proposed Ballot 110, which if endorsed will not complete voting until 6 February 2014, I am proposing that we invite Bruce Morton of Entrust as our Invited Guest during the working group and F2F Meeting 31 from 18-20 February 2014 and that we waive the IPR Agreement requirement for purposes of such invitation.
Ballot 89 – Publish Recommendations for the Processing of EV SSL Certificates v.2(passes)
January 17, 2014 by Ben WilsonVoting on Ballot 89 closed. Ten voted in favor – Buypass, Comodo, D-TRUST, DigiCert, GoDaddy, Izenpe, SSC, Symantec, Trend Micro, and Opera. Mozilla abstained. There were none opposed. Therefore, Ballot 89 passes. Motion Rick Andrews made the following motion, and Ben Wilson and Kirk Hall endorsed it: Motion begins The CA/Browser Forum authorizes the publication of “Recommendations for the Processing of Extended Validation SSL Certificates, v. 2.0” (available here: Recommendations for the Processing of EV SSL Certificates.
January 17, 2014 by Ben WilsonVoting on Ballot 89 closed. Ten voted in favor – Buypass, Comodo, D-TRUST, DigiCert, GoDaddy, Izenpe, SSC, Symantec, Trend Micro, and Opera. Mozilla abstained. There were none opposed. Therefore, Ballot 89 passes. Motion Rick Andrews made the following motion, and Ben Wilson and Kirk Hall endorsed it: Motion begins The CA/Browser Forum authorizes the publication of “Recommendations for the Processing of Extended Validation SSL Certificates, v. 2.0” (available here: Recommendations for the Processing of EV SSL Certificates.
Ballot 113 – Revision to QIIS in EV Guidelines(passes)
January 13, 2014 by Ben WilsonBallot 113 – Revision to QIIS in EV Guidelines Voting ended on 13 January 2014. Quorum was 6 and 21 votes were cast-20 by CAs and 1 by Browsers. Twenty votes were in favor of the amendment. Izenpe abstained. Therefore, the ballot passes. The following proposal comes from EV working group. Jeremy Rowley made the following motion, and Rich Smith and Kirk Hall have endorsed it. This ballot proposes a replacement to Section 11.
January 13, 2014 by Ben WilsonBallot 113 – Revision to QIIS in EV Guidelines Voting ended on 13 January 2014. Quorum was 6 and 21 votes were cast-20 by CAs and 1 by Browsers. Twenty votes were in favor of the amendment. Izenpe abstained. Therefore, the ballot passes. The following proposal comes from EV working group. Jeremy Rowley made the following motion, and Rich Smith and Kirk Hall have endorsed it. This ballot proposes a replacement to Section 11.
Ballot 111 – Accelerate Max Certificate Lifetime Reduction Timetable
December 4, 2013 by Ben WilsonBallot 111 – Accelerate Max Certificate Lifetime Reduction Timetable Gervase Markham (Mozilla) made the following motion, endorsed by Eddy Nigg from StartCom and Ryan Hurst from Globalsign: Motion begins The CAB Forum wishes to take advantage of the /de facto/ deprecation of the near-ubiquitous SHA-1 hash algorithm in the Web PKI and its 1 January 2017 retirement by accelerating the Forum’s planned move to shorter maximum certificate lifetimes, in order to attain a more agile certificate ecosystem.
December 4, 2013 by Ben WilsonBallot 111 – Accelerate Max Certificate Lifetime Reduction Timetable Gervase Markham (Mozilla) made the following motion, endorsed by Eddy Nigg from StartCom and Ryan Hurst from Globalsign: Motion begins The CAB Forum wishes to take advantage of the /de facto/ deprecation of the near-ubiquitous SHA-1 hash algorithm in the Web PKI and its 1 January 2017 retirement by accelerating the Forum’s planned move to shorter maximum certificate lifetimes, in order to attain a more agile certificate ecosystem.
Ballot 109 – Create SSL Performance Working Group(passed)
October 28, 2013 by Ben WilsonBallot 109 – Create SSL Performance Working Group Voting on Ballot 109 has closed. Seventeen voted in favor – Buypass, Comodo, DigiCert, Disig, GlobalSign, GoDaddy, QuoVadis, SECOM, SSC, StartCom, Symantec, Trustis , TURKTRUST, Google, Microsoft, Opera, and Mozilla. There were no abstentions and none opposed. Therefore, Ballot 109 passes. Gervase Markham (Mozilla) made the following motion, endorsed by Rick Andrews from Symantec, Richard Wang from WoSign, Ben Wilson from DigiCert, and Ryan Hurst from GlobalSign:
October 28, 2013 by Ben WilsonBallot 109 – Create SSL Performance Working Group Voting on Ballot 109 has closed. Seventeen voted in favor – Buypass, Comodo, DigiCert, Disig, GlobalSign, GoDaddy, QuoVadis, SECOM, SSC, StartCom, Symantec, Trustis , TURKTRUST, Google, Microsoft, Opera, and Mozilla. There were no abstentions and none opposed. Therefore, Ballot 109 passes. Gervase Markham (Mozilla) made the following motion, endorsed by Rick Andrews from Symantec, Richard Wang from WoSign, Ben Wilson from DigiCert, and Ryan Hurst from GlobalSign:
Ballot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines
August 9, 2013 by Ben WilsonBallot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines (Withdrawn) Mads Henriksveen made the following motion, and Inigo Barreira from Izenpe and Kirk Hall from Trend Micro endorsed it: Motion Begins Baseline Requirements (BR) Document History Implementers’ Note: Version 1.1 of these SSL Baseline Requirements was published on September 14, 2012. Version 1.1 of WebTrust’s SSL Baseline Audit Criteria and ETSI Technical Standard Electronic Signatures and Infrastructures (ESI) 102 042 version 2.
August 9, 2013 by Ben WilsonBallot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines (Withdrawn) Mads Henriksveen made the following motion, and Inigo Barreira from Izenpe and Kirk Hall from Trend Micro endorsed it: Motion Begins Baseline Requirements (BR) Document History Implementers’ Note: Version 1.1 of these SSL Baseline Requirements was published on September 14, 2012. Version 1.1 of WebTrust’s SSL Baseline Audit Criteria and ETSI Technical Standard Electronic Signatures and Infrastructures (ESI) 102 042 version 2.
Ballot 108 – Defining the Scope of the Baseline Requirements
August 6, 2013 by Ben WilsonBallot 108 – Defining the Scope of the Baseline Requirements (Withdrawn) Motion Jeremy Rowley made the following motion, and Stephen Davidson and Geoff Keating endorsed it: Motion Begins Amend Section 1 of the Baseline Requirements as follows: The Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates describe a subset of the requirements that a Certification Authority must meet in order to issue Publicly Trusted Certificates. Except where explicitly stated otherwise, these requirements apply only to relevant events that occur on or after the Effective Date.
August 6, 2013 by Ben WilsonBallot 108 – Defining the Scope of the Baseline Requirements (Withdrawn) Motion Jeremy Rowley made the following motion, and Stephen Davidson and Geoff Keating endorsed it: Motion Begins Amend Section 1 of the Baseline Requirements as follows: The Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates describe a subset of the requirements that a Certification Authority must meet in order to issue Publicly Trusted Certificates. Except where explicitly stated otherwise, these requirements apply only to relevant events that occur on or after the Effective Date.
Ballot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates
August 6, 2013 by Ben WilsonBallot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates (Withdrawn) Motion Given that several CAs have notified the CA/Browser Forum that they will be unable to comply with the 1-August-2013 deadline by which OCSP responders MUST NOT respond with a “good” status for unissued certificates, and that a one-year extension of this deadline is an appropriate timeframe by which these CAs should be able to come into compliance;
August 6, 2013 by Ben WilsonBallot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates (Withdrawn) Motion Given that several CAs have notified the CA/Browser Forum that they will be unable to comply with the 1-August-2013 deadline by which OCSP responders MUST NOT respond with a “good” status for unissued certificates, and that a one-year extension of this deadline is an appropriate timeframe by which these CAs should be able to come into compliance;
Ballot 105 – Technical Constraints for Subordinate Certificate Authorities Yielding Broader and Safer PKI Adoption.
July 29, 2013 by Ben WilsonBallot 105 – Technical Constraints for Subordinate Certificate Authorities Yielding Broader and Safer PKI Adoption. (Passed) Motion Steve Roylance made the following motion, and Gervase Markham from Mozilla and Stephen Davidson from QuoVadis endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, this ballot provides clarity to the language covering external audits for Subordinate CAs, removing ambiguity as well as providing better alignment of the Baseline Requirements to the Mozilla CA Root program where the subject is already covered and accepted by the wider PKI community.
July 29, 2013 by Ben WilsonBallot 105 – Technical Constraints for Subordinate Certificate Authorities Yielding Broader and Safer PKI Adoption. (Passed) Motion Steve Roylance made the following motion, and Gervase Markham from Mozilla and Stephen Davidson from QuoVadis endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, this ballot provides clarity to the language covering external audits for Subordinate CAs, removing ambiguity as well as providing better alignment of the Baseline Requirements to the Mozilla CA Root program where the subject is already covered and accepted by the wider PKI community.