CA/Browser Forum posts
Posts by tag Ballot
Ballot CSC-13 – Update to Subscriber Key Protection Requirements
April 6, 2022 by Corey BonnellResults of Review Period (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2022-05-09, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, eMudhra, Entrust, HARICA, Sectigo, SSL.com Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot Update the subscriber private key protection requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.
April 6, 2022 by Corey BonnellResults of Review Period (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2022-05-09, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, eMudhra, Entrust, HARICA, Sectigo, SSL.com Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot Update the subscriber private key protection requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.
Ballot SC54: Onion Cleanup
March 24, 2022 by Jos PurvisVoting Results Certificate Issuers 18 votes total, with no abstentions: 18 Yes votes: Amazon, Buypass, DigiCert, eMudhra, Entrust, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, NAVER, OISTE, Sectigo, SwissSign, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 6 votes total, with no abstentions: 6 Yes votes: 360, Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.3(f) requires: A “yes” vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of Certificate Consumer votes.
March 24, 2022 by Jos PurvisVoting Results Certificate Issuers 18 votes total, with no abstentions: 18 Yes votes: Amazon, Buypass, DigiCert, eMudhra, Entrust, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, NAVER, OISTE, Sectigo, SwissSign, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 6 votes total, with no abstentions: 6 Yes votes: 360, Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.3(f) requires: A “yes” vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of Certificate Consumer votes.
Ballot CSC-6 – Update to Subscriber Private Key Protection Requirements
March 2, 2022 by Corey BonnellResults of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers DigiCert, Entrust, GlobalSign, HARICA, SecureTrust Certificate Consumers Microsoft The ballot has FAILED. Purpose of the ballot Update the subscriber private key protection requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.7. The following motion has been proposed by Ian McMillan of Microsoft, and endorsed by Tim Hollebeek of DigiCert and Bruce Morton of Entrust.
March 2, 2022 by Corey BonnellResults of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers DigiCert, Entrust, GlobalSign, HARICA, SecureTrust Certificate Consumers Microsoft The ballot has FAILED. Purpose of the ballot Update the subscriber private key protection requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.7. The following motion has been proposed by Ian McMillan of Microsoft, and endorsed by Tim Hollebeek of DigiCert and Bruce Morton of Entrust.
Ballot SC51: Reduce and Clarify Audit Log and Records Archival Retention Requirements
March 1, 2022 by Jos PurvisVoting Results Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Amazon, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, SSL.com, TWCA, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.3(f) requires: A “yes” vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of Certificate Consumer votes.
March 1, 2022 by Jos PurvisVoting Results Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Amazon, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, SSL.com, TWCA, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.3(f) requires: A “yes” vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of Certificate Consumer votes.
Ballot NS-001: Adopt Network and Certificate System Security Requirements
February 8, 2022 by Ben WilsonThis email begins the discussion period for Ballot NS-001: Adopt Network and Certificate System Security Requirements. PURPOSE OF BALLOT The purpose of this ballot is for the Networking Security Working Group to formally adopt version 1.7 of the Network and Certificate System Security Requirements as currently published by the CA/Browser Forum. MOTION The following motion has been proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert and Ben Wilson of Mozilla.
February 8, 2022 by Ben WilsonThis email begins the discussion period for Ballot NS-001: Adopt Network and Certificate System Security Requirements. PURPOSE OF BALLOT The purpose of this ballot is for the Networking Security Working Group to formally adopt version 1.7 of the Network and Certificate System Security Requirements as currently published by the CA/Browser Forum. MOTION The following motion has been proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert and Ben Wilson of Mozilla.
Ballot SC53: Sunset for SHA-1 OCSP Signing
January 26, 2022 by Jos PurvisVoting Results The voting on ballot SC53 has completed, and the ballot has passed. Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, OISTE, Sectigo, TrustCor, SecureTrust 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.
January 26, 2022 by Jos PurvisVoting Results The voting on ballot SC53 has completed, and the ballot has passed. Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, OISTE, Sectigo, TrustCor, SecureTrust 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.
Ballot SC-52 v 2: Specify CRL Validity Intervals in Seconds
January 1, 2022 by Ben WilsonBallot SC-52 version 2: Specify CRL Validity Intervals in Seconds This ballot expired before entering the voting period. Purpose of Ballot: Similar to Ballot SC-31 which modified the specification of OCSP validity periods to be in seconds, this ballot modifies the specification of CRL validity periods to be in seconds to avoid confusion about exactly which periods are valid and which are not. The ballot also specifies that other time
January 1, 2022 by Ben WilsonBallot SC-52 version 2: Specify CRL Validity Intervals in Seconds This ballot expired before entering the voting period. Purpose of Ballot: Similar to Ballot SC-31 which modified the specification of OCSP validity periods to be in seconds, this ballot modifies the specification of CRL validity periods to be in seconds to avoid confusion about exactly which periods are valid and which are not. The ballot also specifies that other time
Ballot Forum-17 – Creation of Network Security Working Group
December 28, 2021 by Ben WilsonThe voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust, 0 No Votes 0 Abstentions NOTE: A vote placed by GlobalTrust was not received on the public list and will not be counted.
December 28, 2021 by Ben WilsonThe voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust, 0 No Votes 0 Abstentions NOTE: A vote placed by GlobalTrust was not received on the public list and will not be counted.
Ballot SC50: Remove the requirements of section 4.1.1
November 22, 2021 by Jos PurvisVoting Results Certificate Issuers 24 votes total, with no abstentions: 24 Yes votes: Amazon, Certigna (DHIMYOTIS), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, Let’s Encrypt / ISRG, OISTE, Sectigo, SSL.com, SwissSign, Telia Company, TrustCor, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Mozilla, 360 0 No Votes 0 Abstentions Bylaw Requirements Bylaw 2.
November 22, 2021 by Jos PurvisVoting Results Certificate Issuers 24 votes total, with no abstentions: 24 Yes votes: Amazon, Certigna (DHIMYOTIS), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, Let’s Encrypt / ISRG, OISTE, Sectigo, SSL.com, SwissSign, Telia Company, TrustCor, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Mozilla, 360 0 No Votes 0 Abstentions Bylaw Requirements Bylaw 2.
Ballot CSC-12 – CRL Revocation Date Clarification
November 3, 2021 by Corey BonnellResults of IPR Review (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2021-12-03, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, Entrust, E-TUGRA, GlobalSign, HARICA, Sectigo, SSL.com Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot While RFC 5280, section 5.
November 3, 2021 by Corey BonnellResults of IPR Review (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2021-12-03, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, Entrust, E-TUGRA, GlobalSign, HARICA, Sectigo, SSL.com Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot While RFC 5280, section 5.