CA/Browser Forum posts
Posts by tag Network Security
2022-06-21 Minutes of the Network Security Working Group
June 21, 2022 by Clint WilsonNetSec Working Group – June 21st, 2022 Attendees: Clint Wilson Joanna Fox Thomas Connelly Roman Fischer Ruben Annemans Brittany Randall Prachi Jain Corey Bonnell Paul Van Brouwershaven Aaron Poulsen Trevoli Ponds-White Jillian Karner Ben Wilson Janet Hines Marcelo Silva Dustin Hollenback David Kluge Steven Deitte Daniel Jeffery Tim Crawford Kiran Tummala Rebecca Kelley Daryn Wright Chris Kemmerer Inigo Barreira 1. Read Antitrust Statement Clint Wilson read the antitrust statement. Roll Call Clint Wilson read the roll.
June 21, 2022 by Clint WilsonNetSec Working Group – June 21st, 2022 Attendees: Clint Wilson Joanna Fox Thomas Connelly Roman Fischer Ruben Annemans Brittany Randall Prachi Jain Corey Bonnell Paul Van Brouwershaven Aaron Poulsen Trevoli Ponds-White Jillian Karner Ben Wilson Janet Hines Marcelo Silva Dustin Hollenback David Kluge Steven Deitte Daniel Jeffery Tim Crawford Kiran Tummala Rebecca Kelley Daryn Wright Chris Kemmerer Inigo Barreira 1. Read Antitrust Statement Clint Wilson read the antitrust statement. Roll Call Clint Wilson read the roll.
2022-05-24 Minutes of the Network Security Working Group
May 24, 2022 by Clint WilsonCA/Browser Forum NetSec Meeting Attendance Aaron Poulsen – Amazon Antti Backman – Telia Ben Wilson – Mozilla Bruce Morton – entrust Christopher Bonjean – GlobalSign Clint Wilson – Apple Corey Bonnell – DigiCert Corey Rasmussen – OATI Daryn Wright – GoDaddy Dustin Hollenback – Microsoft Iñigo Barreira – Sectigo Janet Hines – SecureTrust Jillian Karner – Let’s Encrypt Jozef Nigut – Disig Marcelo Silva – Visa Paul van Brouwershaven – Entrust Prachi Jain – Fastly Rebecca Kelley – Apple Roman Fischer – SwissSign Ruben Annemans – GlobalSign Tim Hollebeek – DigiCert Trevoli Ponds – Amazon Trust Services Minutes 1.
May 24, 2022 by Clint WilsonCA/Browser Forum NetSec Meeting Attendance Aaron Poulsen – Amazon Antti Backman – Telia Ben Wilson – Mozilla Bruce Morton – entrust Christopher Bonjean – GlobalSign Clint Wilson – Apple Corey Bonnell – DigiCert Corey Rasmussen – OATI Daryn Wright – GoDaddy Dustin Hollenback – Microsoft Iñigo Barreira – Sectigo Janet Hines – SecureTrust Jillian Karner – Let’s Encrypt Jozef Nigut – Disig Marcelo Silva – Visa Paul van Brouwershaven – Entrust Prachi Jain – Fastly Rebecca Kelley – Apple Roman Fischer – SwissSign Ruben Annemans – GlobalSign Tim Hollebeek – DigiCert Trevoli Ponds – Amazon Trust Services Minutes 1.
2022-05-10 Minutes of the Network Security Working Group
May 10, 2022 by Clint WilsonCA/Browser Forum NetSec Meeting Attendance: Adam Jones – Microsoft Aaron P – Amazon Ben Wilson – Mozilla Bruce Morton – entrust Brittany Randall – GoDaddy Christopher Bonjean – GlobalSign Corey Bonnell – DigiCert Corey Rasmussen – OATI Daryn Wright – GoDaddy David Kluge – Google Trust Services Dustin Hollenback – Microsoft Iñigo Barreira – Sectigo Jillian Karner – Let’s Encrypt Joanna Fox – TrustCor Jozef Nigut – Disig Kiran Tummala – Microsoft Marcelo Silva – Visa Paul van Brouwershaven – Entrust Rebecca Kelley – Apple Roman Fischer – SwissSign Ruben Annemans – GlobalSign Tim Crawford – BDO Tobias Josefowitz – Opera Tony Seymour – Comsign Trevoli Ponds – Amazon Trust Services Minutes 1.
May 10, 2022 by Clint WilsonCA/Browser Forum NetSec Meeting Attendance: Adam Jones – Microsoft Aaron P – Amazon Ben Wilson – Mozilla Bruce Morton – entrust Brittany Randall – GoDaddy Christopher Bonjean – GlobalSign Corey Bonnell – DigiCert Corey Rasmussen – OATI Daryn Wright – GoDaddy David Kluge – Google Trust Services Dustin Hollenback – Microsoft Iñigo Barreira – Sectigo Jillian Karner – Let’s Encrypt Joanna Fox – TrustCor Jozef Nigut – Disig Kiran Tummala – Microsoft Marcelo Silva – Visa Paul van Brouwershaven – Entrust Rebecca Kelley – Apple Roman Fischer – SwissSign Ruben Annemans – GlobalSign Tim Crawford – BDO Tobias Josefowitz – Opera Tony Seymour – Comsign Trevoli Ponds – Amazon Trust Services Minutes 1.
2022-04-26 Minute of the Network Security Working Group
April 26, 2022 by Clint WilsonAttendance Adam Jones – Microsoft Antti Backman – Telia Ben Wilson – Mozilla Bruce Morton – entrust Christopher Bonjean – GlobalSign Clint Wilson – Apple Corey Bonnell – DigiCert Corey Rasmussen – OATI David Kluge – Google Trust Services Iñigo Barreira – Sectigo Joanna Fox – TrustCor Jozef Nigut – Disig Paul van Brouwershaven – Entrust Prachi Jain – Fastly Rebecca Kelley – Apple Roman Fischer – SwissSign Ruben Annemans – GlobalSign Tim Crawford – BDO Tobias Josefowitz – Opera Tony Seymour – Comsign Trevoli Ponds – Amazon Trust Services Minutes 1.
April 26, 2022 by Clint WilsonAttendance Adam Jones – Microsoft Antti Backman – Telia Ben Wilson – Mozilla Bruce Morton – entrust Christopher Bonjean – GlobalSign Clint Wilson – Apple Corey Bonnell – DigiCert Corey Rasmussen – OATI David Kluge – Google Trust Services Iñigo Barreira – Sectigo Joanna Fox – TrustCor Jozef Nigut – Disig Paul van Brouwershaven – Entrust Prachi Jain – Fastly Rebecca Kelley – Apple Roman Fischer – SwissSign Ruben Annemans – GlobalSign Tim Crawford – BDO Tobias Josefowitz – Opera Tony Seymour – Comsign Trevoli Ponds – Amazon Trust Services Minutes 1.
2022-04-12 Minutes of the Network Security Working Group
April 12, 2022 by Clint WilsonNetSec Working Group – April 12th, 2022 Attendees: Antti Backman Adam Jones Ben Wilson Brittany Randall Bruce Morton Clint Wilson Corey Bonnell Corey Rasmussen Christophe Bonjean Daryn Wright David Kluge Dustin Hollenback Heather Warncke Jillian Karner Joanna Fox Jozef Nigut Prachi Jain Tim Crawford Tony Seymour Trevoli Ponds-White 1. Read Antitrust Statement Clint Wilson read the antitrust statement. Roll Call Clint Wilson read the roll. 3. Discussion Items a. We currently don’t have any ballots in discussion.
April 12, 2022 by Clint WilsonNetSec Working Group – April 12th, 2022 Attendees: Antti Backman Adam Jones Ben Wilson Brittany Randall Bruce Morton Clint Wilson Corey Bonnell Corey Rasmussen Christophe Bonjean Daryn Wright David Kluge Dustin Hollenback Heather Warncke Jillian Karner Joanna Fox Jozef Nigut Prachi Jain Tim Crawford Tony Seymour Trevoli Ponds-White 1. Read Antitrust Statement Clint Wilson read the antitrust statement. Roll Call Clint Wilson read the roll. 3. Discussion Items a. We currently don’t have any ballots in discussion.
2022-03-29 Minutes of the Network Security Working Group
March 29, 2022 by Clint Wilson2022-03-29 | CABF NetSecWG Minutes Attendees: Adam Jones, Antti Backman, Ben Wilson, Brittany Randall, Bruce Morton, Clint Wilson, Corey Bonnell, Daniel Jeffery, Daryn Wright, David Kluge, Dustin Hollenback, Inigo Barreira, Jillian Karner, Joanna Fox, Jozef Nigut, Kiran Tumala, Marcelo Silva, Pedro Fuentes, Rebecca Kelley, Ruben Annemans, Thomas Connelly, Tim Crawford, Tobias Josefowitz, Tony Seymour, Trevoli Ponds-White Minutes Clint Wilson reads anti-trust statement, verifies recording Dan Jeffery volunteers to take minutes Approval of last meeting minutes Settled on Wednesday 9am Pacific time for this meeting Discussion of Ben’s progress on better defining offline and high security zones Ben asked us to follow up with him during the week to help him stay focused Clint offered to ping later in the week Transition to discussing the risk assessment work Dan presents current progress green striped the new assets tab discussed environment definitions discussed the structure of the tabs now explanation of the concept of green-striped tabs next tab to focus is the scoring explanations tab Discussion of whether we should do further work here Marcello asks a question as to whether root CA and offline CA should be different assessments Clarification that root CA and offline CA will be the same Call for questions Clint identifies some internal resources would be happy to engage and help us refine the risk assessment, when should we do that once we have green stripes done would be one good point, once we have the offline/root CA done would be another good point probably within the next week or two discussion of how that will be done, Clint will see how they want to do it David points out that there has been little progress on filling out scenarios that people had volunteered to look at can we pick what to focus on look at the doc and find the pages David looks over the items and suggests picking one Some discussion of which to pick with Trev, David and Dan Trev will take an unassigned category tomorrow Trev points out we don’t have anything else today Agree to discuss the assets tab right now since it’s ‘done’ quick recap of what green stripe/done means Sharing of assets tab and discussion of how we got to this list Take five minutes to let everyone read over the current assets Marcello raises concern with the data transfer capabilities and underlying software assets covering too much and us missing things Trev and Dan responds and long discussion with Marcello about why the categories are organised as they are Marcello agrees to make a comment on items on how he thinks they could be broken up so we can review them Trev suggests putting a comment on the column heading to explain the contents and purpose better Marcello raises line 21 to understand why registration is with OCSP and CRL explain the grouping as to why they are set up how they are (to reflect the types of risks and exposure the things in the environment are exposed to) Further question and discussion of the meaning of the OCSP, CRL registration environment discussion of how to best represent the environments and transitions between them discussion of line 9 and where data is included at should we have a different environment for transitions between environments discussion of recombining software fields Clint calls time and agreement to continue discussion in tomorrow’s working group meeting.
March 29, 2022 by Clint Wilson2022-03-29 | CABF NetSecWG Minutes Attendees: Adam Jones, Antti Backman, Ben Wilson, Brittany Randall, Bruce Morton, Clint Wilson, Corey Bonnell, Daniel Jeffery, Daryn Wright, David Kluge, Dustin Hollenback, Inigo Barreira, Jillian Karner, Joanna Fox, Jozef Nigut, Kiran Tumala, Marcelo Silva, Pedro Fuentes, Rebecca Kelley, Ruben Annemans, Thomas Connelly, Tim Crawford, Tobias Josefowitz, Tony Seymour, Trevoli Ponds-White Minutes Clint Wilson reads anti-trust statement, verifies recording Dan Jeffery volunteers to take minutes Approval of last meeting minutes Settled on Wednesday 9am Pacific time for this meeting Discussion of Ben’s progress on better defining offline and high security zones Ben asked us to follow up with him during the week to help him stay focused Clint offered to ping later in the week Transition to discussing the risk assessment work Dan presents current progress green striped the new assets tab discussed environment definitions discussed the structure of the tabs now explanation of the concept of green-striped tabs next tab to focus is the scoring explanations tab Discussion of whether we should do further work here Marcello asks a question as to whether root CA and offline CA should be different assessments Clarification that root CA and offline CA will be the same Call for questions Clint identifies some internal resources would be happy to engage and help us refine the risk assessment, when should we do that once we have green stripes done would be one good point, once we have the offline/root CA done would be another good point probably within the next week or two discussion of how that will be done, Clint will see how they want to do it David points out that there has been little progress on filling out scenarios that people had volunteered to look at can we pick what to focus on look at the doc and find the pages David looks over the items and suggests picking one Some discussion of which to pick with Trev, David and Dan Trev will take an unassigned category tomorrow Trev points out we don’t have anything else today Agree to discuss the assets tab right now since it’s ‘done’ quick recap of what green stripe/done means Sharing of assets tab and discussion of how we got to this list Take five minutes to let everyone read over the current assets Marcello raises concern with the data transfer capabilities and underlying software assets covering too much and us missing things Trev and Dan responds and long discussion with Marcello about why the categories are organised as they are Marcello agrees to make a comment on items on how he thinks they could be broken up so we can review them Trev suggests putting a comment on the column heading to explain the contents and purpose better Marcello raises line 21 to understand why registration is with OCSP and CRL explain the grouping as to why they are set up how they are (to reflect the types of risks and exposure the things in the environment are exposed to) Further question and discussion of the meaning of the OCSP, CRL registration environment discussion of how to best represent the environments and transitions between them discussion of line 9 and where data is included at should we have a different environment for transitions between environments discussion of recombining software fields Clint calls time and agreement to continue discussion in tomorrow’s working group meeting.
2022-03-15 Minutes of the Network Security Working Group
March 15, 2022 by Clint WilsonAttendance: Adam Jones – Microsoft Ben Wilson – Mozilla Brittany Randall – Go Daddy Bruce Morton – Entrust Christophe Bonjean – GlobalSign Clint Wilson – Apple Corey Bonnell – DigiCert Corey Rasmussen – OATI Daryn Wright – Go Daddy David Kluge – Google Trust Services Don Sheehy – WebTrust Dustin Hollenback – Microsoft Jeff Ward – CPA Canada/WebTrust Jillian Karner – Let’s Encrypt Joanna Fox – TrustCor Jozef Nigut – Disig Kiran Tummala – Microsoft Marcelo Silva – Visa Pedro Fuentes – OISTE Prachi Jain – Fastly Rebecca Kelley – Apple Ruben Annemans – GlobalSign Shwetagaur – Go Daddy Trevoli Ponds-White – Amazon Trust Services
March 15, 2022 by Clint WilsonAttendance: Adam Jones – Microsoft Ben Wilson – Mozilla Brittany Randall – Go Daddy Bruce Morton – Entrust Christophe Bonjean – GlobalSign Clint Wilson – Apple Corey Bonnell – DigiCert Corey Rasmussen – OATI Daryn Wright – Go Daddy David Kluge – Google Trust Services Don Sheehy – WebTrust Dustin Hollenback – Microsoft Jeff Ward – CPA Canada/WebTrust Jillian Karner – Let’s Encrypt Joanna Fox – TrustCor Jozef Nigut – Disig Kiran Tummala – Microsoft Marcelo Silva – Visa Pedro Fuentes – OISTE Prachi Jain – Fastly Rebecca Kelley – Apple Ruben Annemans – GlobalSign Shwetagaur – Go Daddy Trevoli Ponds-White – Amazon Trust Services
Ballot SC51: Reduce and Clarify Audit Log and Records Archival Retention Requirements
March 1, 2022 by Jos PurvisVoting Results Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Amazon, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, SSL.com, TWCA, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.3(f) requires: A “yes” vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of Certificate Consumer votes.
March 1, 2022 by Jos PurvisVoting Results Certificate Issuers 21 votes total, with no abstentions: 21 Yes votes: Amazon, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, DigiCert, Disig, eMudhra, Entrust, Firmaprofesional, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, Let’s Encrypt / ISRG, SSL.com, TWCA, TrustCor, SecureTrust, Visa 0 No Votes 0 Abstentions Certificate Consumers 5 votes total, with no abstentions: 5 Yes votes: Apple, Cisco, Google, Microsoft, Mozilla 0 No votes 0 Abstentions Bylaw Requirements Bylaw 2.3(f) requires: A “yes” vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of Certificate Consumer votes.
2022-03-01 Minutes of the Network Security Working Group
March 1, 2022 by Clint WilsonNetSec Working Group – March 1, 2022 Attendees: Antti Backman Ben Wilson Brittany Randall Bruce Morton Clint Wilson Corey Bonnell Daryn Wright Don Sheehy Dustin Hollenback Jillian Karner Joanna Fox Jozef Nigut Kati Davids Niko Carpenter Prachi Jain Pedro Fuentes Rebecca Kelley Ruben Anne Ryan Dickson Tim Crawford Tobias Josefowitz Trevoli Ponds-White Tyler Myers Christophe Bonjean 1. Read Antitrust Statement Clint Wilson read the antitrust statement. Roll Call Clint Wilson read the roll.
March 1, 2022 by Clint WilsonNetSec Working Group – March 1, 2022 Attendees: Antti Backman Ben Wilson Brittany Randall Bruce Morton Clint Wilson Corey Bonnell Daryn Wright Don Sheehy Dustin Hollenback Jillian Karner Joanna Fox Jozef Nigut Kati Davids Niko Carpenter Prachi Jain Pedro Fuentes Rebecca Kelley Ruben Anne Ryan Dickson Tim Crawford Tobias Josefowitz Trevoli Ponds-White Tyler Myers Christophe Bonjean 1. Read Antitrust Statement Clint Wilson read the antitrust statement. Roll Call Clint Wilson read the roll.
2022-02-15 Minutes of the Network Security Working Group
February 15, 2022 by Clint WilsonClint Wilson leading the meeting. Dustin Hollenback volunteered to take minutes. Clint Wilson read the anti-trust statement Attendees: Adam Jones (Microsoft), Antti Backman (Telia Company), Ben Wilson (Mozilla), Christophe Bonjean (GlobalSign), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Curt Spann (Apple), Daniel Jeffery (Fastly), Daryn Wright (GoDaddy), David Kluge (Google), Don Sheehy (WebTrust), Dustin Hollenback (Microsoft), Heather Warnke (Amazon Trust Services), Israel Ventura (US Federal PKI), Jillian Karner (Let’s Encrypt / ISRG), Joanna Fox (TrustCor), Jozef Nigut (Disig), Marcelo Silva (Visa), Thomas Connelly (US Federal PKI), Tim Crawford (WebTrust), Prachi Jain (Fastly), Rebecca Kelley (Apple), Ruben Annemans, Tobias Josefowitz (Opera), Tony Seymour (Comsign), Trevoli Ponds-White (Amazon Trust Services)
February 15, 2022 by Clint WilsonClint Wilson leading the meeting. Dustin Hollenback volunteered to take minutes. Clint Wilson read the anti-trust statement Attendees: Adam Jones (Microsoft), Antti Backman (Telia Company), Ben Wilson (Mozilla), Christophe Bonjean (GlobalSign), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Curt Spann (Apple), Daniel Jeffery (Fastly), Daryn Wright (GoDaddy), David Kluge (Google), Don Sheehy (WebTrust), Dustin Hollenback (Microsoft), Heather Warnke (Amazon Trust Services), Israel Ventura (US Federal PKI), Jillian Karner (Let’s Encrypt / ISRG), Joanna Fox (TrustCor), Jozef Nigut (Disig), Marcelo Silva (Visa), Thomas Connelly (US Federal PKI), Tim Crawford (WebTrust), Prachi Jain (Fastly), Rebecca Kelley (Apple), Ruben Annemans, Tobias Josefowitz (Opera), Tony Seymour (Comsign), Trevoli Ponds-White (Amazon Trust Services)