CA/Browser Forum posts
Posts by tag Ballot
Ballot NS-001: Adopt Network and Certificate System Security Requirements
February 8, 2022 by Ben WilsonThis email begins the discussion period for Ballot NS-001: Adopt Network and Certificate System Security Requirements. PURPOSE OF BALLOT The purpose of this ballot is for the Networking Security Working Group to formally adopt version 1.7 of the Network and Certificate System Security Requirements as currently published by the CA/Browser Forum. MOTION The following motion has been proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert and Ben Wilson of Mozilla.
February 8, 2022 by Ben WilsonThis email begins the discussion period for Ballot NS-001: Adopt Network and Certificate System Security Requirements. PURPOSE OF BALLOT The purpose of this ballot is for the Networking Security Working Group to formally adopt version 1.7 of the Network and Certificate System Security Requirements as currently published by the CA/Browser Forum. MOTION The following motion has been proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert and Ben Wilson of Mozilla.
Ballot SC53: Sunset for SHA-1 OCSP Signing
January 26, 2022 by Jos PurvisVoting Results The voting on ballot SC53 has completed, and the ballot has passed. Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, OISTE, Sectigo, TrustCor, SecureTrust 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.
January 26, 2022 by Jos PurvisVoting Results The voting on ballot SC53 has completed, and the ballot has passed. Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, OISTE, Sectigo, TrustCor, SecureTrust 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.
Ballot SC-52 v 2: Specify CRL Validity Intervals in Seconds
January 1, 2022 by Ben WilsonBallot SC-52 version 2: Specify CRL Validity Intervals in Seconds This ballot expired before entering the voting period. Purpose of Ballot: Similar to Ballot SC-31 which modified the specification of OCSP validity periods to be in seconds, this ballot modifies the specification of CRL validity periods to be in seconds to avoid confusion about exactly which periods are valid and which are not. The ballot also specifies that other time
January 1, 2022 by Ben WilsonBallot SC-52 version 2: Specify CRL Validity Intervals in Seconds This ballot expired before entering the voting period. Purpose of Ballot: Similar to Ballot SC-31 which modified the specification of OCSP validity periods to be in seconds, this ballot modifies the specification of CRL validity periods to be in seconds to avoid confusion about exactly which periods are valid and which are not. The ballot also specifies that other time
Ballot Forum-17 – Creation of Network Security Working Group
December 28, 2021 by Ben WilsonThe voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust, 0 No Votes 0 Abstentions NOTE: A vote placed by GlobalTrust was not received on the public list and will not be counted.
December 28, 2021 by Ben WilsonThe voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust, 0 No Votes 0 Abstentions NOTE: A vote placed by GlobalTrust was not received on the public list and will not be counted.
Ballot SC50: Remove the requirements of section 4.1.1
November 22, 2021 by Jos PurvisVoting Results Certificate Issuers 24 votes total, with no abstentions: 24 Yes votes: Amazon, Certigna (DHIMYOTIS), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, Let’s Encrypt / ISRG, OISTE, Sectigo, SSL.com, SwissSign, Telia Company, TrustCor, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Mozilla, 360 0 No Votes 0 Abstentions Bylaw Requirements Bylaw 2.
November 22, 2021 by Jos PurvisVoting Results Certificate Issuers 24 votes total, with no abstentions: 24 Yes votes: Amazon, Certigna (DHIMYOTIS), Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, Let’s Encrypt / ISRG, OISTE, Sectigo, SSL.com, SwissSign, Telia Company, TrustCor, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Mozilla, 360 0 No Votes 0 Abstentions Bylaw Requirements Bylaw 2.
Ballot CSC-12 – CRL Revocation Date Clarification
November 3, 2021 by Corey BonnellResults of IPR Review (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2021-12-03, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, Entrust, E-TUGRA, GlobalSign, HARICA, Sectigo, SSL.com Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot While RFC 5280, section 5.
November 3, 2021 by Corey BonnellResults of IPR Review (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2021-12-03, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, Entrust, E-TUGRA, GlobalSign, HARICA, Sectigo, SSL.com Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot While RFC 5280, section 5.
Ballot CSC-11 – Update to log data retention requirements
October 4, 2021 by Corey BonnellResults of IPR Review (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2021-11-03, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, HARICA, Sectigo, SecureTrust Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot Update the log data and retention of log data requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.
October 4, 2021 by Corey BonnellResults of IPR Review (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2021-11-03, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, HARICA, Sectigo, SecureTrust Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot Update the log data and retention of log data requirements in the Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.
Ballot SC49: Special Election for Server Certificate Working Group Vice-Chair
September 27, 2021 by Jos PurvisVoting Results The voting on ballot SC49 has completed, and the ballot has passed. Congratulations to Doug Beattie, elected the new Vice-Chair of the Server Certificate Working Group! Certificate Issuers 24 votes total 24 Yes votes: Actalis, Amazon, Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, Firmaprofesional, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, OISTE, Sectigo, SwissSign, Telia Company, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 3 votes total, with no abstentions
September 27, 2021 by Jos PurvisVoting Results The voting on ballot SC49 has completed, and the ballot has passed. Congratulations to Doug Beattie, elected the new Vice-Chair of the Server Certificate Working Group! Certificate Issuers 24 votes total 24 Yes votes: Actalis, Amazon, Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, Firmaprofesional, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Kamu SM, OISTE, Sectigo, SwissSign, Telia Company, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 3 votes total, with no abstentions
Ballot CSC-9 – Spring 2021 Cleanup and Clarification
September 9, 2021 by Ben WilsonIPR Review Results The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 9 September 2021, are available here. Voting Results Voting on Ballot CSC-9 has concluded and the ballot has passed. Below are the results: CAs voting in favor: Actalis, Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, HARICA, Sectigo, SSL.com, SecureTrust CAs opposed: None CAs abstaining: None Certificate Consumers: In Favor: Microsoft
September 9, 2021 by Ben WilsonIPR Review Results The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 9 September 2021, are available here. Voting Results Voting on Ballot CSC-9 has concluded and the ballot has passed. Below are the results: CAs voting in favor: Actalis, Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, HARICA, Sectigo, SSL.com, SecureTrust CAs opposed: None CAs abstaining: None Certificate Consumers: In Favor: Microsoft
Ballot CSC-10 – WebTrust CSBR v2.0 Audit Criteria
August 13, 2021 by Ben WilsonResults of IPR Review (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2021-09-13, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, HARICA, Sectigo Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot For Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.
August 13, 2021 by Ben WilsonResults of IPR Review (Mailing list post is available here.) The review period has ended and no exclusion notices were filed. The final documents, with the effective date being 2021-09-13, are available here. Results of Voting (Mailing list post is available here.) Yes No Abstain Certificate Issuers Certum (Asseco), DigiCert, eMudhra, Entrust, GlobalSign, HARICA, Sectigo Certificate Consumers Microsoft The ballot has PASSED. Purpose of the Ballot For Baseline Requirement for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.