CA/Browser Forum posts
Posts by tag Ballot
Ballot 23 – EV Processing Guidelines
January 16, 2009 by Ben WilsonBallot 23 – EV Processing Guidelines (Passed) Motion Tim Moses made the following motion, which was endorsed by Bjorn Vermo and Charlie Buckley. Motion begins The EV Processing Guidelines at … should be adopted by the CABForum. Motion ends The ballot review period comes into effect at 1700 EST on 19 Dec 2008,and will close at 1700 EST on 9 Jan 2009. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EST on 16 Jan 2009.
January 16, 2009 by Ben WilsonBallot 23 – EV Processing Guidelines (Passed) Motion Tim Moses made the following motion, which was endorsed by Bjorn Vermo and Charlie Buckley. Motion begins The EV Processing Guidelines at … should be adopted by the CABForum. Motion ends The ballot review period comes into effect at 1700 EST on 19 Dec 2008,and will close at 1700 EST on 9 Jan 2009. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EST on 16 Jan 2009.
Ballot 22 – RSA 1024 Retirement
December 29, 2008 by Ben WilsonBallot 22 – RSA 1024 Retirement (Unanimously Passed) Motion Robin Alden made the following motion, and Steve Medin and Moudrick Dadashov endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Delete Appendix A and replace it with the following. Appendix A Minimum Cryptographic Algorithm and Key Sizes Root CA Certificates Root Certificates whose validity period begins on or before 31 Dec 2010 Root Certificates whose validity period begins after 31 Dec 2010 Digest algorithm MD5 (NOT RECOMMENDED),SHA-1 SHA-1*, SHA-256, SHA-384 or SHA-512 RSA 2048† 2048 ECC NIST P-256 NIST P-256 Subordinate CA Certificates Subordinate CA Certificates whose validity period begins on or before 31 Dec 2010 Subordinate CA Certificates whose validity period begins after 31 Dec 2010 Digest algorithm SHA-1 SHA-1*, SHA-256, SHA-384 or SHA-512 RSA 1024 2048 ECC NIST P-256 NIST P-256 Subscriber Certificates Subscriber Certificates whose validity period ends on or before 31 Dec 2010 Subscriber Certificates whose validity period ends after 31 Dec 2010 Digest algorithm SHA-1 SHA1*, SHA-256, SHA-384 or SHA-512 RSA 1024 2048 ECC NIST P-256 NIST P-256 † A Subscriber Certificate may, in addition, chain to an EV-enabled <2048-bit key RSA root CA certificate.
December 29, 2008 by Ben WilsonBallot 22 – RSA 1024 Retirement (Unanimously Passed) Motion Robin Alden made the following motion, and Steve Medin and Moudrick Dadashov endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Delete Appendix A and replace it with the following. Appendix A Minimum Cryptographic Algorithm and Key Sizes Root CA Certificates Root Certificates whose validity period begins on or before 31 Dec 2010 Root Certificates whose validity period begins after 31 Dec 2010 Digest algorithm MD5 (NOT RECOMMENDED),SHA-1 SHA-1*, SHA-256, SHA-384 or SHA-512 RSA 2048† 2048 ECC NIST P-256 NIST P-256 Subordinate CA Certificates Subordinate CA Certificates whose validity period begins on or before 31 Dec 2010 Subordinate CA Certificates whose validity period begins after 31 Dec 2010 Digest algorithm SHA-1 SHA-1*, SHA-256, SHA-384 or SHA-512 RSA 1024 2048 ECC NIST P-256 NIST P-256 Subscriber Certificates Subscriber Certificates whose validity period ends on or before 31 Dec 2010 Subscriber Certificates whose validity period ends after 31 Dec 2010 Digest algorithm SHA-1 SHA1*, SHA-256, SHA-384 or SHA-512 RSA 1024 2048 ECC NIST P-256 NIST P-256 † A Subscriber Certificate may, in addition, chain to an EV-enabled <2048-bit key RSA root CA certificate.
Ballot 21 – Phone Number at Place of Business
December 4, 2008 by Ben WilsonBallot 21 – Phone Number at Place of Business (Passed Unanimously) Motion Ken Bretschneider made the following motion, and Nick Hales and Bruce Morton endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Delete Section 16b and replace it with the following. (b) Telephone Number for Applicant’s Place of Business (1) Verification Requirements To further verify Applicant’s physical existence and business presence, as well as to assist in confirming other verification requirements, the CA MUST verify that the telephone number provided by Applicant is a main phone number for Applicant’s Place of Business.
December 4, 2008 by Ben WilsonBallot 21 – Phone Number at Place of Business (Passed Unanimously) Motion Ken Bretschneider made the following motion, and Nick Hales and Bruce Morton endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Delete Section 16b and replace it with the following. (b) Telephone Number for Applicant’s Place of Business (1) Verification Requirements To further verify Applicant’s physical existence and business presence, as well as to assist in confirming other verification requirements, the CA MUST verify that the telephone number provided by Applicant is a main phone number for Applicant’s Place of Business.
Ballot 20 – ETSI Letter of Intent
November 7, 2008 by Ben WilsonBallot 20 – ETSI Letter of Intent (Passed Unanimously) Motion Ben Wilson made the following motion, and Tom Albertson and Iñigo Barreira endorsed it. Motion begins The members authorize Tim Moses to sign the attached “Letter of Intent to cooperate between CA/Browser Forum and ETSI” as Chairperson of the CA/Browser Forum without recourse or liability to Mr. Moses or to the individual members of the CA/Browser Forum for any breach of the Letter of Intent.
November 7, 2008 by Ben WilsonBallot 20 – ETSI Letter of Intent (Passed Unanimously) Motion Ben Wilson made the following motion, and Tom Albertson and Iñigo Barreira endorsed it. Motion begins The members authorize Tim Moses to sign the attached “Letter of Intent to cooperate between CA/Browser Forum and ETSI” as Chairperson of the CA/Browser Forum without recourse or liability to Mr. Moses or to the individual members of the CA/Browser Forum for any breach of the Letter of Intent.
Ballot 19 – Authoritative Time Source
November 7, 2008 by Ben WilsonBallot 19 – Authoritative Time Source (Passed Unanimously) Motion Ben Wilson made the following motion, and Peri Drucker and Bjørn Vermo endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins In Appendix I, replace the paragraph that reads “An EV Timestamp Authority MUST be synchronized with a publicly accepted time source in the jurisdiction of its operation, (e.g. NIST or Naval Laboratory in the United States).
November 7, 2008 by Ben WilsonBallot 19 – Authoritative Time Source (Passed Unanimously) Motion Ben Wilson made the following motion, and Peri Drucker and Bjørn Vermo endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins In Appendix I, replace the paragraph that reads “An EV Timestamp Authority MUST be synchronized with a publicly accepted time source in the jurisdiction of its operation, (e.g. NIST or Naval Laboratory in the United States).
Ballot 18 – Pre-Approved Requests
September 16, 2008 by Ben WilsonBallot 18 – Pre-Approved Requests (Passed Unanimously) Motion Steve Roylance made the following motion, and Bruce Morton and Tony Berman endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Replace this paragraph from Section 11 EV Certificate Request Requirements (a) General Prior to the issuance of an EV Certificate, the CA MUST obtain from Applicant (via a Certificate Requester authorized to act on Applicant’s behalf) a properly completed and signed EV Certificate Request in a form prescribed by the CA and that complies with these Guidelines.
September 16, 2008 by Ben WilsonBallot 18 – Pre-Approved Requests (Passed Unanimously) Motion Steve Roylance made the following motion, and Bruce Morton and Tony Berman endorsed it. Motion begins The Guidelines should be amended in accordance with the following erratum. Erratum begins Replace this paragraph from Section 11 EV Certificate Request Requirements (a) General Prior to the issuance of an EV Certificate, the CA MUST obtain from Applicant (via a Certificate Requester authorized to act on Applicant’s behalf) a properly completed and signed EV Certificate Request in a form prescribed by the CA and that complies with these Guidelines.
Ballot 16- Unverified Content
July 25, 2008 by Ben WilsonBallot 16- Unverified Content (Failed) Motion Stephen Davidson made the following motion, and Bruce Morton and Nick Hales endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins “Insert the following new item in Section 6, EV Certificate Content Requirements. (b) Other Subject Organization Information EV Certificates SHALL NOT contain fields other than those defined in these Guidelines. Allowed EV Certificate fields SHALL NOT contain values other than those defined in these Guidelines.
July 25, 2008 by Ben WilsonBallot 16- Unverified Content (Failed) Motion Stephen Davidson made the following motion, and Bruce Morton and Nick Hales endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins “Insert the following new item in Section 6, EV Certificate Content Requirements. (b) Other Subject Organization Information EV Certificates SHALL NOT contain fields other than those defined in these Guidelines. Allowed EV Certificate fields SHALL NOT contain values other than those defined in these Guidelines.
Ballot 15 – Certificate Renewal
July 25, 2008 by Ben WilsonBallot 15 – Certificate Renewal (Passed Unanimously) Motion Nick Hales has made the following motion, and Bruce Morton and Tony Berman have endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace this paragraph from Section 8 (b) Maximum Validity Period (b) For Validated Data the age of validated data used to support issuance of an EV Certificate (before revalidation is required) SHALL NOT exceed the following limits:
July 25, 2008 by Ben WilsonBallot 15 – Certificate Renewal (Passed Unanimously) Motion Nick Hales has made the following motion, and Bruce Morton and Tony Berman have endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace this paragraph from Section 8 (b) Maximum Validity Period (b) For Validated Data the age of validated data used to support issuance of an EV Certificate (before revalidation is required) SHALL NOT exceed the following limits:
Ballot 14 – Allowed EKUs
June 17, 2008 by Ben WilsonBallot 14 – Allowed EKUs (Passed Unanimously) Motion Bruce Morton has made the following motion, and Inigo Barreira and Johnathan Nightingale have endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace the following paragraph from Section 1.(b) “This version of the Guidelines addresses only requirements for EV Certificates intended to be used for server-authentication SSL/TLS on the Internet. Similar requirements for client-authentication SSL/TLS, S/MIME, code-signing, time-stamping, VoIP, IM, Web services, etc.
June 17, 2008 by Ben WilsonBallot 14 – Allowed EKUs (Passed Unanimously) Motion Bruce Morton has made the following motion, and Inigo Barreira and Johnathan Nightingale have endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace the following paragraph from Section 1.(b) “This version of the Guidelines addresses only requirements for EV Certificates intended to be used for server-authentication SSL/TLS on the Internet. Similar requirements for client-authentication SSL/TLS, S/MIME, code-signing, time-stamping, VoIP, IM, Web services, etc.