CA/Browser Forum posts
Posts by tag Server Certificates
Ballot 146 – Convert Baseline Requirements to RFC 3647 Framework
April 16, 2015 by Ben WilsonBallot 146 – Convert Baseline Requirements to RFC 3647 Framework Voting has closed on Ballot 146, “Convert Baseline Requirements” Among CAs, there were 18 YES votes, 1 NO vote and 2 Abstentions Among Browsers, there was 1 YES vote and 1 Abstention Therefore, the ballot passes. Here are Version 1.3.0 and a helpful Conversion Table The Certificate Policy Review Working Group was chartered by Ballot 128 to (i) consider existing and proposed standards, (ii) create a list of potential improvements based on the considered standards that improve the existing CAB Forum work product, (iii) evaluate the transition to a 3647 format based on the amount [of work involved].
April 16, 2015 by Ben WilsonBallot 146 – Convert Baseline Requirements to RFC 3647 Framework Voting has closed on Ballot 146, “Convert Baseline Requirements” Among CAs, there were 18 YES votes, 1 NO vote and 2 Abstentions Among Browsers, there was 1 YES vote and 1 Abstention Therefore, the ballot passes. Here are Version 1.3.0 and a helpful Conversion Table The Certificate Policy Review Working Group was chartered by Ballot 128 to (i) consider existing and proposed standards, (ii) create a list of potential improvements based on the considered standards that improve the existing CAB Forum work product, (iii) evaluate the transition to a 3647 format based on the amount [of work involved].
Ballot 148 – Issuer Field Correction
April 2, 2015 by Ben WilsonVoting on Ballot 148, Issuer Field Correction, closed on 2 April 2015. We received 13 YES votes from CAs, 0 NO votes and 0 Abstentions We received 1 YES vote from Browsers, 0 NO votes and 0 Abstentions Therefore the ballot passes. Several votes were received after the ballot closed and were not counted. Full details are on the ballot tracking wiki. Ballot 148 resulted in the adoption of BRv1.2.5
April 2, 2015 by Ben WilsonVoting on Ballot 148, Issuer Field Correction, closed on 2 April 2015. We received 13 YES votes from CAs, 0 NO votes and 0 Abstentions We received 1 YES vote from Browsers, 0 NO votes and 0 Abstentions Therefore the ballot passes. Several votes were received after the ballot closed and were not counted. Full details are on the ballot tracking wiki. Ballot 148 resulted in the adoption of BRv1.2.5
Ballot 145 – Operational Existence for Government Entities
February 19, 2015 by Ben WilsonBallot 145 – Operational Existence for Government Entities Reason Because government entities aren’t operating as businesses, they are often not listed with a QIIS, especially immediately after the entity is created by either statute or order. The legal existence of these entities is verifiable through a QGIS, but this source in many countries (especially Arabic and African countries) does not always list a date of creation of these entities. Operational existence exists to ensure organizations aren’t fly-by-night scams/phishing entities.
February 19, 2015 by Ben WilsonBallot 145 – Operational Existence for Government Entities Reason Because government entities aren’t operating as businesses, they are often not listed with a QIIS, especially immediately after the entity is created by either statute or order. The legal existence of these entities is verifiable through a QGIS, but this source in many countries (especially Arabic and African countries) does not always list a date of creation of these entities. Operational existence exists to ensure organizations aren’t fly-by-night scams/phishing entities.
Ballot 144 – Validation rules for .onion names
February 18, 2015 by Ben WilsonBallot 144 – Validation Rules for .onion Names – passed with 6 Yes votes, 2 No votes and 13 Abstentions from the CAs and 3 Yes votes from the browsers. Detailed results are on the Forum’s ballot tracker (Ballot Results – Vote Tally at the bottom of the Ballots page on the Forum’s wiki). Ballot 144 reads as follows: Applicants want a CA-signed .onion address for several reasons, including: – Powerful web platform features are restricted to secure origins, which are currently not available to onion names (in part, because of the lack of IANA registration).
February 18, 2015 by Ben WilsonBallot 144 – Validation Rules for .onion Names – passed with 6 Yes votes, 2 No votes and 13 Abstentions from the CAs and 3 Yes votes from the browsers. Detailed results are on the Forum’s ballot tracker (Ballot Results – Vote Tally at the bottom of the Ballots page on the Forum’s wiki). Ballot 144 reads as follows: Applicants want a CA-signed .onion address for several reasons, including: – Powerful web platform features are restricted to secure origins, which are currently not available to onion names (in part, because of the lack of IANA registration).
Ballot 143 – Formalization of Validation Working Group
February 18, 2015 by Ben WilsonBallot 143 – Formalization of Validation Working Group Reason In order to address validation issues and inconsistencies in both the SSL Baseline Requirements and the EV Guidelines, the CAB Forum has held an informal working group previously referred to as the Extended Validation Working Group now known as the Validation Working Group, would like to modify its scope to include validation in the Baseline Requirements as well as the EV Guidelines.
February 18, 2015 by Ben WilsonBallot 143 – Formalization of Validation Working Group Reason In order to address validation issues and inconsistencies in both the SSL Baseline Requirements and the EV Guidelines, the CAB Forum has held an informal working group previously referred to as the Extended Validation Working Group now known as the Validation Working Group, would like to modify its scope to include validation in the Baseline Requirements as well as the EV Guidelines.
Ballot 142 – Elimination of EV Insurance Requirement
January 19, 2015 by Ben WilsonElimination of EV Insurance Requirement Voting on Ballot 142 closed on 19 January 2015. The Chair received “yes” votes from: Turktrust, Startcom, Firmaprofessional, Sertifit, Trend Micro, WoSign, SSC, Disig, Symantec, e-Tugra, Secom, Buypass, Chungwha, Opera, Mozilla, 360 Browser, Google And “no” votes from: Digicert, ANF AC, QuoVadis, Trustwave, OpenTrust, GoDaddy, Entrust, Network Solutions, Comodo 3 abstained. Therefore, Ballot 142 fails. The following motion has been proposed by Gervase Markham of Mozilla and endorsed by Ryan Sleevi of Google and Moudrick Dadashov of SSC.
January 19, 2015 by Ben WilsonElimination of EV Insurance Requirement Voting on Ballot 142 closed on 19 January 2015. The Chair received “yes” votes from: Turktrust, Startcom, Firmaprofessional, Sertifit, Trend Micro, WoSign, SSC, Disig, Symantec, e-Tugra, Secom, Buypass, Chungwha, Opera, Mozilla, 360 Browser, Google And “no” votes from: Digicert, ANF AC, QuoVadis, Trustwave, OpenTrust, GoDaddy, Entrust, Network Solutions, Comodo 3 abstained. Therefore, Ballot 142 fails. The following motion has been proposed by Gervase Markham of Mozilla and endorsed by Ryan Sleevi of Google and Moudrick Dadashov of SSC.
Ballot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates
January 19, 2015 by Ben WilsonBallot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates Voting on Ballot 141 closed on 19 January 2015. The Chair received “yes” votes from: Trend Micro, Mozilla, TurkTrust, WoSign, 360 Browser, Comodo, SSC, GoDaddy, Network Solutions, Chungwa Telecom, Microsoft “No” votes by: Firmaprofessional, ANF AC, Quovadis, Opera, Startcom, Digicert, OpenTrust, Trustwave, Symantec, Secom, Entrust, Google 5 abstained. Therefore, Ballot 141 fails. The following motion has been proposed by Kirk Hall of Trend Micro and endorsed by Robin Alden of Comodo and Dean Coclin of Symantec.
January 19, 2015 by Ben WilsonBallot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates Voting on Ballot 141 closed on 19 January 2015. The Chair received “yes” votes from: Trend Micro, Mozilla, TurkTrust, WoSign, 360 Browser, Comodo, SSC, GoDaddy, Network Solutions, Chungwa Telecom, Microsoft “No” votes by: Firmaprofessional, ANF AC, Quovadis, Opera, Startcom, Digicert, OpenTrust, Trustwave, Symantec, Secom, Entrust, Google 5 abstained. Therefore, Ballot 141 fails. The following motion has been proposed by Kirk Hall of Trend Micro and endorsed by Robin Alden of Comodo and Dean Coclin of Symantec.
Ballot 135 – ETSI Auditor Qualifications (passed)
October 16, 2014 by Ben WilsonBallot 135 – ETSI Auditor Qualifications Voting on Ballot 135 – ETSI Auditor Qualifications closed on 16 October 2014. The Chair received “yes” votes from ANF, Buypass, Certinomis, Chunghwa Telecom, Comodo, GlobalSign, GoDaddy, Izenpe, Kamu Sertifikasyon Merkezi, Logius PKIoverheid, Microsoft, Opentrust, Opera, SSC, Symantec, Trend Micro, Trustis, and TURKTRUST. Actalis, DigiCert, Disig, Entrust, Google, Mozilla, StartCom, TWCA, and WoSign abstained. Therefore, Ballot 135 passed. Iñigo Barreira of Izenpe made the following motion and Moudrick Dadashov of SSC, Rob Horne of Trustis, and Mads Henriksveen of Buypass have endorsed it:
October 16, 2014 by Ben WilsonBallot 135 – ETSI Auditor Qualifications Voting on Ballot 135 – ETSI Auditor Qualifications closed on 16 October 2014. The Chair received “yes” votes from ANF, Buypass, Certinomis, Chunghwa Telecom, Comodo, GlobalSign, GoDaddy, Izenpe, Kamu Sertifikasyon Merkezi, Logius PKIoverheid, Microsoft, Opentrust, Opera, SSC, Symantec, Trend Micro, Trustis, and TURKTRUST. Actalis, DigiCert, Disig, Entrust, Google, Mozilla, StartCom, TWCA, and WoSign abstained. Therefore, Ballot 135 passed. Iñigo Barreira of Izenpe made the following motion and Moudrick Dadashov of SSC, Rob Horne of Trustis, and Mads Henriksveen of Buypass have endorsed it: