CA/Browser Forum posts
Posts by tag Network Security
2022-03-29 Minutes of the Network Security Working Group
March 29, 2022 by Clint Wilson2022-03-29 | CABF NetSecWG Minutes Attendees: Adam Jones, Antti Backman, Ben Wilson, Brittany Randall, Bruce Morton, Clint Wilson, Corey Bonnell, Daniel Jeffery, Daryn Wright, David Kluge, Dustin Hollenback, Inigo Barreira, Jillian Karner, Joanna Fox, Jozef Nigut, Kiran Tumala, Marcelo Silva, Pedro Fuentes, Rebecca Kelley, Ruben Annemans, Thomas Connelly, Tim Crawford, Tobias Josefowitz, Tony Seymour, Trevoli Ponds-White
March 29, 2022 by Clint Wilson2022-03-29 | CABF NetSecWG Minutes Attendees: Adam Jones, Antti Backman, Ben Wilson, Brittany Randall, Bruce Morton, Clint Wilson, Corey Bonnell, Daniel Jeffery, Daryn Wright, David Kluge, Dustin Hollenback, Inigo Barreira, Jillian Karner, Joanna Fox, Jozef Nigut, Kiran Tumala, Marcelo Silva, Pedro Fuentes, Rebecca Kelley, Ruben Annemans, Thomas Connelly, Tim Crawford, Tobias Josefowitz, Tony Seymour, Trevoli Ponds-White
2022-03-15 Minutes of the Network Security Working Group
March 15, 2022 by Clint WilsonAttendance: Adam Jones – Microsoft Ben Wilson – Mozilla Brittany Randall – Go Daddy Bruce Morton – Entrust Christophe Bonjean – GlobalSign Clint Wilson – Apple Corey Bonnell – DigiCert Corey Rasmussen – OATI Daryn Wright – Go Daddy David Kluge – Google Trust Services Don Sheehy – WebTrust Dustin Hollenback – Microsoft Jeff Ward – CPA Canada/WebTrust Jillian Karner – Let’s Encrypt Joanna Fox – TrustCor Jozef Nigut – Disig Kiran Tummala – Microsoft Marcelo Silva – Visa Pedro Fuentes – OISTE Prachi Jain – Fastly Rebecca Kelley – Apple Ruben Annemans – GlobalSign Shwetagaur – Go Daddy Trevoli Ponds-White – Amazon Trust Services
March 15, 2022 by Clint WilsonAttendance: Adam Jones – Microsoft Ben Wilson – Mozilla Brittany Randall – Go Daddy Bruce Morton – Entrust Christophe Bonjean – GlobalSign Clint Wilson – Apple Corey Bonnell – DigiCert Corey Rasmussen – OATI Daryn Wright – Go Daddy David Kluge – Google Trust Services Don Sheehy – WebTrust Dustin Hollenback – Microsoft Jeff Ward – CPA Canada/WebTrust Jillian Karner – Let’s Encrypt Joanna Fox – TrustCor Jozef Nigut – Disig Kiran Tummala – Microsoft Marcelo Silva – Visa Pedro Fuentes – OISTE Prachi Jain – Fastly Rebecca Kelley – Apple Ruben Annemans – GlobalSign Shwetagaur – Go Daddy Trevoli Ponds-White – Amazon Trust Services
Ballot SC051: Reduce and Clarify Audit Log and Records Archival Retention Requirements
March 1, 2022 by Jos PurvisVoting Results Certificate Issuers 21 votes total, with no abstentions:
March 1, 2022 by Jos PurvisVoting Results Certificate Issuers 21 votes total, with no abstentions:
2022-03-01 Minutes of the Network Security Working Group
March 1, 2022 by Clint WilsonNetSec Working Group – March 1, 2022 Attendees: Antti Backman Ben Wilson Brittany Randall Bruce Morton Clint Wilson Corey Bonnell Daryn Wright Don Sheehy Dustin Hollenback Jillian Karner Joanna Fox Jozef Nigut Kati Davids Niko Carpenter Prachi Jain Pedro Fuentes Rebecca Kelley Ruben Anne Ryan Dickson Tim Crawford Tobias Josefowitz Trevoli Ponds-White Tyler Myers Christophe Bonjean 1. Read Antitrust Statement
March 1, 2022 by Clint WilsonNetSec Working Group – March 1, 2022 Attendees: Antti Backman Ben Wilson Brittany Randall Bruce Morton Clint Wilson Corey Bonnell Daryn Wright Don Sheehy Dustin Hollenback Jillian Karner Joanna Fox Jozef Nigut Kati Davids Niko Carpenter Prachi Jain Pedro Fuentes Rebecca Kelley Ruben Anne Ryan Dickson Tim Crawford Tobias Josefowitz Trevoli Ponds-White Tyler Myers Christophe Bonjean 1. Read Antitrust Statement
2022-02-15 Minutes of the Network Security Working Group
February 15, 2022 by Clint WilsonClint Wilson leading the meeting. Dustin Hollenback volunteered to take minutes. Clint Wilson read the anti-trust statement Attendees: Adam Jones (Microsoft), Antti Backman (Telia Company), Ben Wilson (Mozilla), Christophe Bonjean (GlobalSign), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Curt Spann (Apple), Daniel Jeffery (Fastly), Daryn Wright (GoDaddy), David Kluge (Google), Don Sheehy (WebTrust), Dustin Hollenback (Microsoft), Heather Warnke (Amazon Trust Services), Israel Ventura (US Federal PKI), Jillian Karner (Let’s Encrypt / ISRG), Joanna Fox (TrustCor), Jozef Nigut (Disig), Marcelo Silva (Visa), Thomas Connelly (US Federal PKI), Tim Crawford (WebTrust), Prachi Jain (Fastly), Rebecca Kelley (Apple), Ruben Annemans, Tobias Josefowitz (Opera), Tony Seymour (Comsign), Trevoli Ponds-White (Amazon Trust Services)
February 15, 2022 by Clint WilsonClint Wilson leading the meeting. Dustin Hollenback volunteered to take minutes. Clint Wilson read the anti-trust statement Attendees: Adam Jones (Microsoft), Antti Backman (Telia Company), Ben Wilson (Mozilla), Christophe Bonjean (GlobalSign), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Curt Spann (Apple), Daniel Jeffery (Fastly), Daryn Wright (GoDaddy), David Kluge (Google), Don Sheehy (WebTrust), Dustin Hollenback (Microsoft), Heather Warnke (Amazon Trust Services), Israel Ventura (US Federal PKI), Jillian Karner (Let’s Encrypt / ISRG), Joanna Fox (TrustCor), Jozef Nigut (Disig), Marcelo Silva (Visa), Thomas Connelly (US Federal PKI), Tim Crawford (WebTrust), Prachi Jain (Fastly), Rebecca Kelley (Apple), Ruben Annemans, Tobias Josefowitz (Opera), Tony Seymour (Comsign), Trevoli Ponds-White (Amazon Trust Services)
Ballot NS-001: Adopt Network and Certificate System Security Requirements
February 8, 2022 by Ben WilsonThis email begins the discussion period for Ballot NS-001: Adopt Network and Certificate System Security Requirements. PURPOSE OF BALLOT The purpose of this ballot is for the Networking Security Working Group to formally adopt version 1.7 of the Network and Certificate System Security Requirements as currently published by the CA/Browser Forum. MOTION The following motion has been proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert and Ben Wilson of Mozilla. -–Motion Begins-– In accordance with the Bylaws and Intellectual Property Rights (IPR) Policy of the CA/Browser Forum, version 1.7 of the Network and Certificate System Security Requirements are adopted in full. -–Motion Ends-– This ballot proposes a Final Guideline. The procedure for approval of this ballot is as follows: Discussion (7+ days) Start Time: January 31 2022 17:00 UTC
February 8, 2022 by Ben WilsonThis email begins the discussion period for Ballot NS-001: Adopt Network and Certificate System Security Requirements. PURPOSE OF BALLOT The purpose of this ballot is for the Networking Security Working Group to formally adopt version 1.7 of the Network and Certificate System Security Requirements as currently published by the CA/Browser Forum. MOTION The following motion has been proposed by Clint Wilson of Apple and endorsed by Tim Hollebeek of DigiCert and Ben Wilson of Mozilla. -–Motion Begins-– In accordance with the Bylaws and Intellectual Property Rights (IPR) Policy of the CA/Browser Forum, version 1.7 of the Network and Certificate System Security Requirements are adopted in full. -–Motion Ends-– This ballot proposes a Final Guideline. The procedure for approval of this ballot is as follows: Discussion (7+ days) Start Time: January 31 2022 17:00 UTC
2022-02-01 Minutes of the Network Security Working Group
February 1, 2022 by Clint WilsonClint Wilson leading the meeting. Request a volunteer for minutes. Dan Jeffery volunteers. Clint reads the antitrust statement Attendees: Adam Jones, Antti Backman, Ben Wilson, Brittany Randal, Christophe Bonjean, Clint Wilson, Corey Bonnell, Corey Rasmussen, Curt Spann, Daniel Jeffery, Daryn Wright, David Kluge, Dustin Hollenback, Israel Ventura, Jillian Karner, Kati Davids, Martjin Katerbarg, Niko Carpenter, Prachi Jain, Roman Fischer, Ruben Annemans, Thomas Connelly, Tim Crawford, Tobias Josefowitz, Tony Seymour, Trevoli Ponds-White
February 1, 2022 by Clint WilsonClint Wilson leading the meeting. Request a volunteer for minutes. Dan Jeffery volunteers. Clint reads the antitrust statement Attendees: Adam Jones, Antti Backman, Ben Wilson, Brittany Randal, Christophe Bonjean, Clint Wilson, Corey Bonnell, Corey Rasmussen, Curt Spann, Daniel Jeffery, Daryn Wright, David Kluge, Dustin Hollenback, Israel Ventura, Jillian Karner, Kati Davids, Martjin Katerbarg, Niko Carpenter, Prachi Jain, Roman Fischer, Ruben Annemans, Thomas Connelly, Tim Crawford, Tobias Josefowitz, Tony Seymour, Trevoli Ponds-White
2022-01-18 Minutes of the Network Security Working Group
January 18, 2022 by Ben WilsonThe following minutes were approved in the February 1, 2022 meeting of the NetSec WG. Net Sec WG – 1st Meeting – Jan. 18, 2022 Present: Ben Wilson – Mozilla, Don Sheehy – WebTrust, Dustin Ward – SSL.com, Martijn Katerbarg – Sectigo, Thomas Connelly – Federal PKI, Brittany Randall – GoDaddy, Clint Wilson – Apple, Kati Davids – GoDaddy, Samantha Frank – Let’s Encrypt, Corey Bonnell – DigiCert, Israel Ventura – Federal PKI, Tim Crawford – WebTrust, Wendy Brown – Federal PKI, Antti Backman – Telia, Jillian Karner – Let’s Encrypt, Prachi Jain – Fastly, Trevoli Ponds-White – Amazon Trust Services, Jozef Nigut – Disig, Christophe Bonjean – GlobalSign, Tobias Josefowitz – Opera, Daniel Jeffery – Fastly, Dustin Hollenback – Microsoft, Janet Hines – SecureTrust, Daryn Wright – GoDaddy, Miguel Sanchez – Google, Adam Jones – Microsoft, Rebecca Kelley – Apple, Tony Seymour – Comsign, Tim Hollebeek – DigiCert, Dean Coclin – DigiCert, Corey Rasmussen – OATI, Ruben Annemans – GlobalSign, Adam Jones – Microsoft, David Kluge – Google, Israel Ventura – Federal PKI
January 18, 2022 by Ben WilsonThe following minutes were approved in the February 1, 2022 meeting of the NetSec WG. Net Sec WG – 1st Meeting – Jan. 18, 2022 Present: Ben Wilson – Mozilla, Don Sheehy – WebTrust, Dustin Ward – SSL.com, Martijn Katerbarg – Sectigo, Thomas Connelly – Federal PKI, Brittany Randall – GoDaddy, Clint Wilson – Apple, Kati Davids – GoDaddy, Samantha Frank – Let’s Encrypt, Corey Bonnell – DigiCert, Israel Ventura – Federal PKI, Tim Crawford – WebTrust, Wendy Brown – Federal PKI, Antti Backman – Telia, Jillian Karner – Let’s Encrypt, Prachi Jain – Fastly, Trevoli Ponds-White – Amazon Trust Services, Jozef Nigut – Disig, Christophe Bonjean – GlobalSign, Tobias Josefowitz – Opera, Daniel Jeffery – Fastly, Dustin Hollenback – Microsoft, Janet Hines – SecureTrust, Daryn Wright – GoDaddy, Miguel Sanchez – Google, Adam Jones – Microsoft, Rebecca Kelley – Apple, Tony Seymour – Comsign, Tim Hollebeek – DigiCert, Dean Coclin – DigiCert, Corey Rasmussen – OATI, Ruben Annemans – GlobalSign, Adam Jones – Microsoft, David Kluge – Google, Israel Ventura – Federal PKI
Ballot Forum-17 – Creation of Network Security Working Group
December 28, 2021 by Ben WilsonThe voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust, 0 No Votes 0 Abstentions NOTE: A vote placed by GlobalTrust was not received on the public list and will not be counted.
December 28, 2021 by Ben WilsonThe voting on ballot FORUM-17 has completed, and the ballot has passed. Voting Results Certificate Issuers 22 votes total, with no abstentions: 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let’s Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, SecureTrust, 0 No Votes 0 Abstentions NOTE: A vote placed by GlobalTrust was not received on the public list and will not be counted.
Ballot SC040: Security Requirements for Air-Gapped CA Systems
February 9, 2021 by Ben WilsonThis ballot was withdrawn and/or failed to go to a vote. This is a continuation of discussion on the air-gapped CA ballot. (As noted below, this formally continues the discussion for this ballot, as of 2021-02-08 17:00 UTC. This discussion period will continue until initiation of the Voting Period (TBD) unless extended or as otherwise determined, pursuant to the CA/Browser Forum Bylaws. I renumbered the sections - 5.1 for logical security and 5.2 for physical security. I have not attempted yet to address the comments between Aaron and Ryan re: accessing the air-gapped CA for checking configuration. Maybe that section needs to remain “as is” or with clarification that a desktop review of CA configuration would be satisfactory if the air-gapped CA has not been physically touched.
February 9, 2021 by Ben WilsonThis ballot was withdrawn and/or failed to go to a vote. This is a continuation of discussion on the air-gapped CA ballot. (As noted below, this formally continues the discussion for this ballot, as of 2021-02-08 17:00 UTC. This discussion period will continue until initiation of the Voting Period (TBD) unless extended or as otherwise determined, pursuant to the CA/Browser Forum Bylaws. I renumbered the sections - 5.1 for logical security and 5.2 for physical security. I have not attempted yet to address the comments between Aaron and Ryan re: accessing the air-gapped CA for checking configuration. Maybe that section needs to remain “as is” or with clarification that a desktop review of CA configuration would be satisfactory if the air-gapped CA has not been physically touched.