CA/Browser Forum posts
Posts by tag Ballot
Ballot 109 – Create SSL Performance Working Group(passed)
October 28, 2013 by Ben WilsonBallot 109 – Create SSL Performance Working Group Voting on Ballot 109 has closed. Seventeen voted in favor – Buypass, Comodo, DigiCert, Disig, GlobalSign, GoDaddy, QuoVadis, SECOM, SSC, StartCom, Symantec, Trustis , TURKTRUST, Google, Microsoft, Opera, and Mozilla. There were no abstentions and none opposed. Therefore, Ballot 109 passes.
October 28, 2013 by Ben WilsonBallot 109 – Create SSL Performance Working Group Voting on Ballot 109 has closed. Seventeen voted in favor – Buypass, Comodo, DigiCert, Disig, GlobalSign, GoDaddy, QuoVadis, SECOM, SSC, StartCom, Symantec, Trustis , TURKTRUST, Google, Microsoft, Opera, and Mozilla. There were no abstentions and none opposed. Therefore, Ballot 109 passes.
Ballot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines
August 9, 2013 by Ben WilsonBallot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines (Withdrawn) Mads Henriksveen made the following motion, and Inigo Barreira from Izenpe and Kirk Hall from Trend Micro endorsed it: Motion Begins Baseline Requirements (BR)
August 9, 2013 by Ben WilsonBallot 107 – Removing Version Numbers to WebTrust and ETSI Standards From CABF Guidelines (Withdrawn) Mads Henriksveen made the following motion, and Inigo Barreira from Izenpe and Kirk Hall from Trend Micro endorsed it: Motion Begins Baseline Requirements (BR)
Ballot 108 – Defining the Scope of the Baseline Requirements
August 6, 2013 by Ben WilsonBallot 108 – Defining the Scope of the Baseline Requirements (Withdrawn) Motion Jeremy Rowley made the following motion, and Stephen Davidson and Geoff Keating endorsed it: Motion Begins Amend Section 1 of the Baseline Requirements as follows: The Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates describe a subset of the requirements that a Certification Authority must meet in order to issue Publicly Trusted Certificates. Except where explicitly stated otherwise, these requirements apply only to relevant events that occur on or after the Effective Date.
August 6, 2013 by Ben WilsonBallot 108 – Defining the Scope of the Baseline Requirements (Withdrawn) Motion Jeremy Rowley made the following motion, and Stephen Davidson and Geoff Keating endorsed it: Motion Begins Amend Section 1 of the Baseline Requirements as follows: The Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates describe a subset of the requirements that a Certification Authority must meet in order to issue Publicly Trusted Certificates. Except where explicitly stated otherwise, these requirements apply only to relevant events that occur on or after the Effective Date.
Ballot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates
August 6, 2013 by Ben WilsonBallot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates (Withdrawn) Motion Given that several CAs have notified the CA/Browser Forum that they will be unable to comply with the 1-August-2013 deadline by which OCSP responders MUST NOT respond with a “good” status for unissued certificates, and that a one-year extension of this deadline is an appropriate timeframe by which these CAs should be able to come into compliance;
August 6, 2013 by Ben WilsonBallot 106 – Extended Deadline to Prohibit OCSP “Good” Response for Non-Issued Certificates (Withdrawn) Motion Given that several CAs have notified the CA/Browser Forum that they will be unable to comply with the 1-August-2013 deadline by which OCSP responders MUST NOT respond with a “good” status for unissued certificates, and that a one-year extension of this deadline is an appropriate timeframe by which these CAs should be able to come into compliance;
Ballot 105 – Technical Constraints for Subordinate Certificate Authorities Yielding Broader and Safer PKI Adoption.
July 29, 2013 by Ben WilsonBallot 105 – Technical Constraints for Subordinate Certificate Authorities Yielding Broader and Safer PKI Adoption. (Passed) Motion Steve Roylance made the following motion, and Gervase Markham from Mozilla and Stephen Davidson from QuoVadis endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, this ballot provides clarity to the language covering external audits for Subordinate CAs, removing ambiguity as well as providing better alignment of the Baseline Requirements to the Mozilla CA Root program where the subject is already covered and accepted by the wider PKI community. In addition, the proposal sets out to aid wider and broader PKI adoption by Subordinate CAs by defining the use of Technical Constraints and highlighting how additional barriers to adoption within the guidelines can be optional when using Name Constraints, specifically the requirement for ‘OCSP Good’ responses originally proposed in Ballot 100. We propose amending the Baseline Requirements Guidelines as follows:
July 29, 2013 by Ben WilsonBallot 105 – Technical Constraints for Subordinate Certificate Authorities Yielding Broader and Safer PKI Adoption. (Passed) Motion Steve Roylance made the following motion, and Gervase Markham from Mozilla and Stephen Davidson from QuoVadis endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, this ballot provides clarity to the language covering external audits for Subordinate CAs, removing ambiguity as well as providing better alignment of the Baseline Requirements to the Mozilla CA Root program where the subject is already covered and accepted by the wider PKI community. In addition, the proposal sets out to aid wider and broader PKI adoption by Subordinate CAs by defining the use of Technical Constraints and highlighting how additional barriers to adoption within the guidelines can be optional when using Name Constraints, specifically the requirement for ‘OCSP Good’ responses originally proposed in Ballot 100. We propose amending the Baseline Requirements Guidelines as follows:
Notice of IPR Review Period for EV Amendments Made by Ballots 101 and 104
July 29, 2013 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the EV Guidelines (by Ballots 101 and 104). During this IPR review period you are to review these amendments and consider any licensing obligations with respect to any Essential Claims that may be encompassed by such amendments.
July 29, 2013 by Ben WilsonPursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to these recent changes made to the EV Guidelines (by Ballots 101 and 104). During this IPR review period you are to review these amendments and consider any licensing obligations with respect to any Essential Claims that may be encompassed by such amendments.
Notice of IPR Review Period for BR Amendments Made by Ballots 96, 97, 99, 102 and 105
July 29, 2013 by Ben WilsonThe following changes have been made to the Baseline Requirements since the last Notice of IPR Review Period: Ballot 96 amended sections 11.1.3 and 11.1.4 dealing with Wildcards and new gTLDs. Ballot 97 – Prevention of Unknown Certificate Contents – amended section 10.2.3 and Appendix B and also addressed RFC 5280. Ballot 99 added an allowance for DSA keys to Appendix B Ballot 102 amended section 9.2.3 concerning the use of domainComponents in certificates.
July 29, 2013 by Ben WilsonThe following changes have been made to the Baseline Requirements since the last Notice of IPR Review Period: Ballot 96 amended sections 11.1.3 and 11.1.4 dealing with Wildcards and new gTLDs. Ballot 97 – Prevention of Unknown Certificate Contents – amended section 10.2.3 and Appendix B and also addressed RFC 5280. Ballot 99 added an allowance for DSA keys to Appendix B Ballot 102 amended section 9.2.3 concerning the use of domainComponents in certificates.
Ballot 104 – EV Domain Validation
July 9, 2013 by Ben WilsonBallot 104 – Domain verification for EV Certificates (Passed) Motion Rich Smith of Comodo made the following motion, and Jeremy Rowley from DigiCert and Mads Henriksveen from Buypass endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to reconcile the differences in domain verification specified in the Baseline Requirements and EV Guidelines, clarify language within the EV Guidelines about the right to use a domain name, and permit additional alternatives in verifying domain control or ownership, we propose amending the EV Guidelines as follows:
July 9, 2013 by Ben WilsonBallot 104 – Domain verification for EV Certificates (Passed) Motion Rich Smith of Comodo made the following motion, and Jeremy Rowley from DigiCert and Mads Henriksveen from Buypass endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to reconcile the differences in domain verification specified in the Baseline Requirements and EV Guidelines, clarify language within the EV Guidelines about the right to use a domain name, and permit additional alternatives in verifying domain control or ownership, we propose amending the EV Guidelines as follows:
Ballot 103 – OCSP AIA and TLS Feature Extension
June 15, 2013 by Ben WilsonThis ballot lacked an endorser.
June 15, 2013 by Ben WilsonThis ballot lacked an endorser.
Ballot 101 – EV 11.10.2 Accountants
June 7, 2013 by Ben WilsonBallot 101 – Section 11.10.2 of EV Guidelines – Accountant Licensing (Passed) Motion Ryan Koski made the following motion, and Ben Wilson from DigiCert and Rich Smith from Comodo endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to eliminate a conflict in the Extended Validation Guidelines between the definition of Accounting Practitioner in Section 4 (Definitions) mentioning “country” and the specific requirements for verifying the status of Accounting Practitioners in 11.10.2(1)(A) which does not, and to clarify the requirement, we propose amending section 11.10.2 as follows:
June 7, 2013 by Ben WilsonBallot 101 – Section 11.10.2 of EV Guidelines – Accountant Licensing (Passed) Motion Ryan Koski made the following motion, and Ben Wilson from DigiCert and Rich Smith from Comodo endorsed it: Motion Begins EFFECTIVE IMMEDIATELY, in order to eliminate a conflict in the Extended Validation Guidelines between the definition of Accounting Practitioner in Section 4 (Definitions) mentioning “country” and the specific requirements for verifying the status of Accounting Practitioners in 11.10.2(1)(A) which does not, and to clarify the requirement, we propose amending section 11.10.2 as follows: