CA/Browser Forum posts
Posts by tag Ballot
Ballot 28 – Membership Criteria
June 8, 2009 by Ben WilsonBallot 28 – Membership Criteria (Failed Quorum) Motion Tim Moses has made the following motion, and Ben Wilson and Moudrick Dadashov have endorsed it: Motion begins The Forum should adopt the following membership criteria immediately upon successful completion of the ballot. Membership criteria, CA / Browser Forum Version 06 Voting members of the CA/Browser Forum shall meet at least one of the following criteria. Issuing CA:- The member organization operates a certification authority that has a current and successful WebTrust for CAs audit, or ETSI 102042 or ETSI 101456 audit report prepared by a properly-qualified auditor, and that actively issues certificates to Web servers that are openly accessible from the Internet using any one of the mainstream browsers.
June 8, 2009 by Ben WilsonBallot 28 – Membership Criteria (Failed Quorum) Motion Tim Moses has made the following motion, and Ben Wilson and Moudrick Dadashov have endorsed it: Motion begins The Forum should adopt the following membership criteria immediately upon successful completion of the ballot. Membership criteria, CA / Browser Forum Version 06 Voting members of the CA/Browser Forum shall meet at least one of the following criteria. Issuing CA:- The member organization operates a certification authority that has a current and successful WebTrust for CAs audit, or ETSI 102042 or ETSI 101456 audit report prepared by a properly-qualified auditor, and that actively issues certificates to Web servers that are openly accessible from the Internet using any one of the mainstream browsers.
Ballot 27 – Alternatives for Verifying Domain Control
May 26, 2009 by Ben WilsonBallot 27 – Alternatives for Verifying Domain Control (Rejected) Motion Steve Roylance made the following motion, and Bruce Morton and Bjørn Vermo endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace 18(b)(2)(B): (B) In cases where the registered domain holder cannot be contacted, the CA MUST: (1) Rely on a Verified Legal Opinion to the effect that Applicant has the exclusive right to use the specified domain name in identifying itself on the Internet, and
May 26, 2009 by Ben WilsonBallot 27 – Alternatives for Verifying Domain Control (Rejected) Motion Steve Roylance made the following motion, and Bruce Morton and Bjørn Vermo endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace 18(b)(2)(B): (B) In cases where the registered domain holder cannot be contacted, the CA MUST: (1) Rely on a Verified Legal Opinion to the effect that Applicant has the exclusive right to use the specified domain name in identifying itself on the Internet, and
Ballot 25 – PolicyQualifierld
April 6, 2009 by Ben WilsonBallot 25 – PolicyQualifierld Motion Mads Henriksveen made the following motion, and Tim Moses and Robin Alden endorsed it: Motion begins Effective upon ratification of the ballot, the Guidelines should be amended by the following erratum. Erratum begins Replace this text from Appendix B, Section 2a: ” certificatePolicies:policyQualifiers:policyQualifierId • id-qt 2 ” with: ” certificatePolicies:policyQualifiers:policyQualifierId • id-qt 1 ” Erratum ends Motion ends The ballot review period comes into effect at 2100 UTC on 23 Mar 09 and will close at 2100 UTC on 30 Mar 2009.
April 6, 2009 by Ben WilsonBallot 25 – PolicyQualifierld Motion Mads Henriksveen made the following motion, and Tim Moses and Robin Alden endorsed it: Motion begins Effective upon ratification of the ballot, the Guidelines should be amended by the following erratum. Erratum begins Replace this text from Appendix B, Section 2a: ” certificatePolicies:policyQualifiers:policyQualifierId • id-qt 2 ” with: ” certificatePolicies:policyQualifiers:policyQualifierId • id-qt 1 ” Erratum ends Motion ends The ballot review period comes into effect at 2100 UTC on 23 Mar 09 and will close at 2100 UTC on 30 Mar 2009.
Ballot 26 – Certificate Reissuance
March 17, 2009 by Ben WilsonBallot 26 – Certificate Reissuance (Passed Unanimously) Motion Steve Roylance made the following motion, and Ben Wilson and Jay Schiavo endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace this section which was itself previously amended by Errata: “25. EV Certificate Renewal Verification Requirements (a) Validation for Renewal Requests. In conjunction with the EV Certificate Renewal process, the CA MUST perform all authentication and verification tasks required by these Guidelines to ensure that the renewal request is properly authorized by Applicant and that the information in the EV Certificate is still accurate and valid.
March 17, 2009 by Ben WilsonBallot 26 – Certificate Reissuance (Passed Unanimously) Motion Steve Roylance made the following motion, and Ben Wilson and Jay Schiavo endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace this section which was itself previously amended by Errata: “25. EV Certificate Renewal Verification Requirements (a) Validation for Renewal Requests. In conjunction with the EV Certificate Renewal process, the CA MUST perform all authentication and verification tasks required by these Guidelines to ensure that the renewal request is properly authorized by Applicant and that the information in the EV Certificate is still accurate and valid.
Ballot 24 – Acceptable Audits in EV Processing Guidelines
February 13, 2009 by Ben WilsonBallot 24 – Acceptable Audits in EV Processing Guidelines (Passed Unanimously) Motion Stephen Davidson made the following motion and it was endorsed by Ben Wilson and Johnathan Nightingale. Motion begins Effective 13 Feb 2009, the EV Processing Requirements should be amended in accordance with the following erratum. For inclusion of an EV CA, the current EV Processing Requirements refer to “an acceptable audit program” whereas the EV Guidelines are more specific in Section J, referring to “equivalent audit procedures approved by the CA/Browser Forum”.
February 13, 2009 by Ben WilsonBallot 24 – Acceptable Audits in EV Processing Guidelines (Passed Unanimously) Motion Stephen Davidson made the following motion and it was endorsed by Ben Wilson and Johnathan Nightingale. Motion begins Effective 13 Feb 2009, the EV Processing Requirements should be amended in accordance with the following erratum. For inclusion of an EV CA, the current EV Processing Requirements refer to “an acceptable audit program” whereas the EV Guidelines are more specific in Section J, referring to “equivalent audit procedures approved by the CA/Browser Forum”.
Ballot 23 – EV Processing Guidelines
January 16, 2009 by Ben WilsonBallot 23 – EV Processing Guidelines (Passed) Motion Tim Moses made the following motion, which was endorsed by Bjorn Vermo and Charlie Buckley. Motion begins The EV Processing Guidelines at … should be adopted by the CABForum. Motion ends The ballot review period comes into effect at 1700 EST on 19 Dec 2008,and will close at 1700 EST on 9 Jan 2009. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EST on 16 Jan 2009.
January 16, 2009 by Ben WilsonBallot 23 – EV Processing Guidelines (Passed) Motion Tim Moses made the following motion, which was endorsed by Bjorn Vermo and Charlie Buckley. Motion begins The EV Processing Guidelines at … should be adopted by the CABForum. Motion ends The ballot review period comes into effect at 1700 EST on 19 Dec 2008,and will close at 1700 EST on 9 Jan 2009. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EST on 16 Jan 2009.
Ballot 22 – RSA 1024 Retirement
December 29, 2008 by Ben WilsonBallot 22 – RSA 1024 Retirement (Unanimously Passed) Motion Robin Alden made the following motion, and Steve Medin and Moudrick Dadashov endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Delete Appendix A and replace it with the following. Appendix A Minimum Cryptographic Algorithm and Key Sizes Root CA Certificates Root Certificates whose validity period begins on or before 31 Dec 2010 Root Certificates whose validity period begins after 31 Dec 2010 Digest algorithm MD5 (NOT RECOMMENDED),SHA-1 SHA-1*, SHA-256, SHA-384 or SHA-512 RSA 2048† 2048 ECC NIST P-256 NIST P-256 Subordinate CA Certificates Subordinate CA Certificates whose validity period begins on or before 31 Dec 2010 Subordinate CA Certificates whose validity period begins after 31 Dec 2010 Digest algorithm SHA-1 SHA-1*, SHA-256, SHA-384 or SHA-512 RSA 1024 2048 ECC NIST P-256 NIST P-256 Subscriber Certificates Subscriber Certificates whose validity period ends on or before 31 Dec 2010 Subscriber Certificates whose validity period ends after 31 Dec 2010 Digest algorithm SHA-1 SHA1*, SHA-256, SHA-384 or SHA-512 RSA 1024 2048 ECC NIST P-256 NIST P-256 † A Subscriber Certificate may, in addition, chain to an EV-enabled <2048-bit key RSA root CA certificate.
December 29, 2008 by Ben WilsonBallot 22 – RSA 1024 Retirement (Unanimously Passed) Motion Robin Alden made the following motion, and Steve Medin and Moudrick Dadashov endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Delete Appendix A and replace it with the following. Appendix A Minimum Cryptographic Algorithm and Key Sizes Root CA Certificates Root Certificates whose validity period begins on or before 31 Dec 2010 Root Certificates whose validity period begins after 31 Dec 2010 Digest algorithm MD5 (NOT RECOMMENDED),SHA-1 SHA-1*, SHA-256, SHA-384 or SHA-512 RSA 2048† 2048 ECC NIST P-256 NIST P-256 Subordinate CA Certificates Subordinate CA Certificates whose validity period begins on or before 31 Dec 2010 Subordinate CA Certificates whose validity period begins after 31 Dec 2010 Digest algorithm SHA-1 SHA-1*, SHA-256, SHA-384 or SHA-512 RSA 1024 2048 ECC NIST P-256 NIST P-256 Subscriber Certificates Subscriber Certificates whose validity period ends on or before 31 Dec 2010 Subscriber Certificates whose validity period ends after 31 Dec 2010 Digest algorithm SHA-1 SHA1*, SHA-256, SHA-384 or SHA-512 RSA 1024 2048 ECC NIST P-256 NIST P-256 † A Subscriber Certificate may, in addition, chain to an EV-enabled <2048-bit key RSA root CA certificate.
Ballot 21 – Phone Number at Place of Business
December 4, 2008 by Ben WilsonBallot 21 – Phone Number at Place of Business (Passed Unanimously) Motion Ken Bretschneider made the following motion, and Nick Hales and Bruce Morton endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Delete Section 16b and replace it with the following. (b) Telephone Number for Applicant’s Place of Business (1) Verification Requirements To further verify Applicant’s physical existence and business presence, as well as to assist in confirming other verification requirements, the CA MUST verify that the telephone number provided by Applicant is a main phone number for Applicant’s Place of Business.
December 4, 2008 by Ben WilsonBallot 21 – Phone Number at Place of Business (Passed Unanimously) Motion Ken Bretschneider made the following motion, and Nick Hales and Bruce Morton endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Delete Section 16b and replace it with the following. (b) Telephone Number for Applicant’s Place of Business (1) Verification Requirements To further verify Applicant’s physical existence and business presence, as well as to assist in confirming other verification requirements, the CA MUST verify that the telephone number provided by Applicant is a main phone number for Applicant’s Place of Business.
Ballot 20 – ETSI Letter of Intent
November 7, 2008 by Ben WilsonBallot 20 – ETSI Letter of Intent (Passed Unanimously) Motion Ben Wilson made the following motion, and Tom Albertson and Iñigo Barreira endorsed it. Motion begins The members authorize Tim Moses to sign the attached “Letter of Intent to cooperate between CA/Browser Forum and ETSI” as Chairperson of the CA/Browser Forum without recourse or liability to Mr. Moses or to the individual members of the CA/Browser Forum for any breach of the Letter of Intent.
November 7, 2008 by Ben WilsonBallot 20 – ETSI Letter of Intent (Passed Unanimously) Motion Ben Wilson made the following motion, and Tom Albertson and Iñigo Barreira endorsed it. Motion begins The members authorize Tim Moses to sign the attached “Letter of Intent to cooperate between CA/Browser Forum and ETSI” as Chairperson of the CA/Browser Forum without recourse or liability to Mr. Moses or to the individual members of the CA/Browser Forum for any breach of the Letter of Intent.
Ballot 19 – Authoritative Time Source
November 7, 2008 by Ben WilsonBallot 19 – Authoritative Time Source (Passed Unanimously) Motion Ben Wilson made the following motion, and Peri Drucker and Bjørn Vermo endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins In Appendix I, replace the paragraph that reads “An EV Timestamp Authority MUST be synchronized with a publicly accepted time source in the jurisdiction of its operation, (e.g. NIST or Naval Laboratory in the United States).
November 7, 2008 by Ben WilsonBallot 19 – Authoritative Time Source (Passed Unanimously) Motion Ben Wilson made the following motion, and Peri Drucker and Bjørn Vermo endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins In Appendix I, replace the paragraph that reads “An EV Timestamp Authority MUST be synchronized with a publicly accepted time source in the jurisdiction of its operation, (e.g. NIST or Naval Laboratory in the United States).