CA/Browser Forum posts
Posts by tag Server Certificates
2020-09-03 Minutes of the Server Certificate Working Group
September 18, 2020 by Jos PurvisAttendees (in alphabetical order) Amanda Mendieta (Apple), Ben Wilson (Mozilla), Bruce Morton (Entrust Datacard), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Curt Spann (Apple), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Huo Haitao (Halton) (360 Browser), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Johny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kirk Hall (Entrust Datacard), Leo Grove (SSL.com), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Mayur Manchanda (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (Godaddy), Rebecca Kelley (Apple), Robin Alden (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
September 18, 2020 by Jos PurvisAttendees (in alphabetical order) Amanda Mendieta (Apple), Ben Wilson (Mozilla), Bruce Morton (Entrust Datacard), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Curt Spann (Apple), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Huo Haitao (Halton) (360 Browser), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Johny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kirk Hall (Entrust Datacard), Leo Grove (SSL.com), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Mayur Manchanda (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (Godaddy), Rebecca Kelley (Apple), Robin Alden (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
Ballot SC28: Logging and Log Retention
September 10, 2020 by Wayne ThayerThe voting period for Ballot SC28v6 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 19 votes total including abstentions – 19 Yes votes: Actalis, Amazon, Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, DigiCert, Entrust Datacard, GDCA, GlobalSign, iTrusChina, NAVER, OISTE, SSL.com, SwissSign, TrustCor, SecureTrust (former Trustwave), Visa – 0 No votes: – 0 Abstain:
September 10, 2020 by Wayne ThayerThe voting period for Ballot SC28v6 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 19 votes total including abstentions – 19 Yes votes: Actalis, Amazon, Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, DigiCert, Entrust Datacard, GDCA, GlobalSign, iTrusChina, NAVER, OISTE, SSL.com, SwissSign, TrustCor, SecureTrust (former Trustwave), Visa – 0 No votes: – 0 Abstain:
Ballot SC35: Cleanups and Clarifications
September 9, 2020 by Wayne ThayerThe voting period for Ballot SC35 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 21 votes total including abstentions – 21 Yes votes: Actalis, Buypass, Camerfirma, Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, HARICA, iTrusChina, Let’s Encrypt, OISTE, SSL.com, SwissSign, TrustCor, SecureTrust (former Trustwave), Visa – 0 No votes: – 0 Abstain:
September 9, 2020 by Wayne ThayerThe voting period for Ballot SC35 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 21 votes total including abstentions – 21 Yes votes: Actalis, Buypass, Camerfirma, Chunghwa Telecom, D-TRUST, DigiCert, Disig, eMudhra, Entrust Datacard, Firmaprofesional, GDCA, GlobalSign, HARICA, iTrusChina, Let’s Encrypt, OISTE, SSL.com, SwissSign, TrustCor, SecureTrust (former Trustwave), Visa – 0 No votes: – 0 Abstain:
2020-08-20 Minutes of the Server Certificate Working Group
September 8, 2020 by Jos PurvisAttendees (In Alphabetical Order) Present: Amanda Mendieta (Apple) Andrea Holland (SecureTrust) Andreas Hentschel (D-TRUST) Ben Wilson (Mozilla) Bruce Morton (Entrust Datacard) Clint Wilson (Apple) Corey Bonnell (SecureTrust) Chris Kemmerer (SSL.com) Curt Spann (Apple) Daniela Hood (GoDaddy) Dean Coclin (Digicert) Doug Beattie (GlobalSign) Dustin Hollenback (Microsoft) Hazhar Ismail (MSC Trustgate) Inaba Atsushi (GlobalSign) Joanna Fox (GoDaddy) Jos Purvis (Cisco Systems) Karina Sirota (Microsoft) Kirk Hall (Entrust Datacard) Mads Henriksveen (Buypass AS) Mayur Manchanda (Visa) Michelle Coon (OATI) Neil Dunbar (TrustCor Systems) Niko Carpenter (SecureTrust) Patrick Nohe (GlobalSign) Pedro Fuentes (OISTE Foundation) Rae Ann Gonzales (Godaddy) Robin Alden (Sectigo) Ryan Sleevi (Google) Stephen Davidson (Digicert) Tim Callan (Sectigo) Tim Hollebeek (Digicert) Tobias Josefowitz (Opera Software AS) Trevoli Ponds-White (Amazon) Wayne Thayer (Mozilla) Wendy Brown (US Federal PKI Management Authority)
September 8, 2020 by Jos PurvisAttendees (In Alphabetical Order) Present: Amanda Mendieta (Apple) Andrea Holland (SecureTrust) Andreas Hentschel (D-TRUST) Ben Wilson (Mozilla) Bruce Morton (Entrust Datacard) Clint Wilson (Apple) Corey Bonnell (SecureTrust) Chris Kemmerer (SSL.com) Curt Spann (Apple) Daniela Hood (GoDaddy) Dean Coclin (Digicert) Doug Beattie (GlobalSign) Dustin Hollenback (Microsoft) Hazhar Ismail (MSC Trustgate) Inaba Atsushi (GlobalSign) Joanna Fox (GoDaddy) Jos Purvis (Cisco Systems) Karina Sirota (Microsoft) Kirk Hall (Entrust Datacard) Mads Henriksveen (Buypass AS) Mayur Manchanda (Visa) Michelle Coon (OATI) Neil Dunbar (TrustCor Systems) Niko Carpenter (SecureTrust) Patrick Nohe (GlobalSign) Pedro Fuentes (OISTE Foundation) Rae Ann Gonzales (Godaddy) Robin Alden (Sectigo) Ryan Sleevi (Google) Stephen Davidson (Digicert) Tim Callan (Sectigo) Tim Hollebeek (Digicert) Tobias Josefowitz (Opera Software AS) Trevoli Ponds-White (Amazon) Wayne Thayer (Mozilla) Wendy Brown (US Federal PKI Management Authority)
2020-08-06 Minutes of the Server Certificate Working Group
August 24, 2020 by Jos PurvisAttendees (in alphabetical order) Ben Wilson (Mozilla), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Johny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Li-Chun Chen (Chunghwa Telecom), Mayur Manchanda (Visa), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (Godaddy), Rich Smith (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority)
August 24, 2020 by Jos PurvisAttendees (in alphabetical order) Ben Wilson (Mozilla), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Johny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Li-Chun Chen (Chunghwa Telecom), Mayur Manchanda (Visa), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (Godaddy), Rich Smith (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority)
Ballot SC33: TLS Using ALPN Method
August 14, 2020 by Wayne ThayerThe voting period for Ballot SC33 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 22 votes total including abstentions – 22 Yes votes: Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, Disig, eMudhra, Entrust Datacard, Firmaprofesional, GlobalSign, GoDaddy, HARICA, Izenpe, Kamu SM, Let’s Encrypt, NAVER, SHECA, SSL.com, TWCA, TrustCor, SecureTrust (former Trustwave), Visa – 0 No votes: – 0 Abstain:
August 14, 2020 by Wayne ThayerThe voting period for Ballot SC33 has ended and the Ballot has Passed. Here are the results: Voting by Certificate Issuers – 22 votes total including abstentions – 22 Yes votes: Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, D-TRUST, Disig, eMudhra, Entrust Datacard, Firmaprofesional, GlobalSign, GoDaddy, HARICA, Izenpe, Kamu SM, Let’s Encrypt, NAVER, SHECA, SSL.com, TWCA, TrustCor, SecureTrust (former Trustwave), Visa – 0 No votes: – 0 Abstain:
2020-07-23 Minutes of the Server Certificate Working Group
August 10, 2020 by Jos PurvisAttendees (in alphabetical order) Ben Wilson (Mozilla), Bruce Morton (Entrust Datacard), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Huo Haitao (Halton) (360 Browser), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Janet Hines (SecureTrust), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Johny Reading (GoDaddy), Karina Sirota (Microsoft), Michelle Coon (OATI), Michol Murray (GoDaddy), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Peter Miskovic (Disig), Rae Ann Gonzales (Godaddy), Rich Smith (Sectigo), Robin Alden (Sectigo), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Thanos Vrachnos (SSL.com), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Travis Graham (GoDaddy), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
August 10, 2020 by Jos PurvisAttendees (in alphabetical order) Ben Wilson (Mozilla), Bruce Morton (Entrust Datacard), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Huo Haitao (Halton) (360 Browser), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Janet Hines (SecureTrust), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Johny Reading (GoDaddy), Karina Sirota (Microsoft), Michelle Coon (OATI), Michol Murray (GoDaddy), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Peter Miskovic (Disig), Rae Ann Gonzales (Godaddy), Rich Smith (Sectigo), Robin Alden (Sectigo), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Thanos Vrachnos (SSL.com), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Travis Graham (GoDaddy), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
2020-07-09 Minutes of the Server Certificate Working Group
July 23, 2020 by Jos PurvisAttendees (in alphabetical order) Adam Clark (Visa), Andrea Holland (SecureTrust), Arno Fiedler (D-TRUST), Ben Wilson (Mozilla), Bruce Morton (Entrust Datacard), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Curt Spann (Apple), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dre Aremeda (GoDaddy), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Jeff Ward (CPA Canada/WebTrust), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Mads Henriksveen (Buypass AS), Mayur Manchanda (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Niko Carpenter (SecureTrust), Patrick Nohe (GlobalSign), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rachel McPherson (TrustCor Systems), Rich Smith (Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Stephen Davidson (Digicert), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Mozilla).
July 23, 2020 by Jos PurvisAttendees (in alphabetical order) Adam Clark (Visa), Andrea Holland (SecureTrust), Arno Fiedler (D-TRUST), Ben Wilson (Mozilla), Bruce Morton (Entrust Datacard), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Curt Spann (Apple), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dre Aremeda (GoDaddy), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Jeff Ward (CPA Canada/WebTrust), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Mads Henriksveen (Buypass AS), Mayur Manchanda (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Niko Carpenter (SecureTrust), Patrick Nohe (GlobalSign), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rachel McPherson (TrustCor Systems), Rich Smith (Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Stephen Davidson (Digicert), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Mozilla).
Ballot SC32 – NCSSRs Zones
July 23, 2020 by Ben WilsonThis ballot failed pursuant to the Bylaws. This email begins the discussion period for Ballot SC32. Purpose of Ballot: To remove ambiguity and delineate requirements for physical security and logical security. The Network and Certificate System Security Requirements (NCSSRs) were drafted with the concept of physical and logical “Zones” (Secure Zones, High Security Zones, and everything else outside those zones). However, the approach did not clearly separate the physical security aspects from the logical security aspects. “Zone” was defined as a “subset of Certificate Systems created by the logical or physical partitioning of systems from other Certificate Systems,” and “Secure Zone” was defined as an “area (physical or logical) protected by physical and logical controls that appropriately protect the confidentiality, integrity, and availability of Certificate Systems.” “High Security Zone” was defined as a physical area- “A physical location where a CA’s or Delegated Third Party’s Private Key or cryptographic hardware is located”.
July 23, 2020 by Ben WilsonThis ballot failed pursuant to the Bylaws. This email begins the discussion period for Ballot SC32. Purpose of Ballot: To remove ambiguity and delineate requirements for physical security and logical security. The Network and Certificate System Security Requirements (NCSSRs) were drafted with the concept of physical and logical “Zones” (Secure Zones, High Security Zones, and everything else outside those zones). However, the approach did not clearly separate the physical security aspects from the logical security aspects. “Zone” was defined as a “subset of Certificate Systems created by the logical or physical partitioning of systems from other Certificate Systems,” and “Secure Zone” was defined as an “area (physical or logical) protected by physical and logical controls that appropriately protect the confidentiality, integrity, and availability of Certificate Systems.” “High Security Zone” was defined as a physical area- “A physical location where a CA’s or Delegated Third Party’s Private Key or cryptographic hardware is located”.
Ballot CSCWG-2: Combine Baseline and EV Code Signing Documents
July 21, 2020 by Jos PurvisBallot Results Voting on Ballot CSCWG-2 has ended and the results are below:
July 21, 2020 by Jos PurvisBallot Results Voting on Ballot CSCWG-2 has ended and the results are below: