CA/Browser Forum posts
Posts by tag Server Certificates
Ballot 78 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline Requirements
June 15, 2012 by Ben WilsonBallot 78 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline Requirements (Passed Unanimously) Motion Jeremy Rowley made the following motion, and Dean Coclin and Richard Smith endorsed it: … Motion begins…. Effective immediately. Erratum begins A. Replace the definition of “Domain Authorization” in Section 4 of the Baseline Requirements with the following: “Domain Authorization Document: Documentation provided by, or a CA’s documentation of a communication with, a Domain Name Registrar, the Domain Name Registrant, or the person or entity listed in WHOIS as the Domain Name Registrant (including any private, anonymous, or proxy registration service) attesting to the authority of an Applicant to request a Certificate for a specific Domain Namespace.
June 15, 2012 by Ben WilsonBallot 78 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline Requirements (Passed Unanimously) Motion Jeremy Rowley made the following motion, and Dean Coclin and Richard Smith endorsed it: … Motion begins…. Effective immediately. Erratum begins A. Replace the definition of “Domain Authorization” in Section 4 of the Baseline Requirements with the following: “Domain Authorization Document: Documentation provided by, or a CA’s documentation of a communication with, a Domain Name Registrar, the Domain Name Registrant, or the person or entity listed in WHOIS as the Domain Name Registrant (including any private, anonymous, or proxy registration service) attesting to the authority of an Applicant to request a Certificate for a specific Domain Namespace.
Ballot 76 – Public Review of Network Security Controls
June 12, 2012 by Ben WilsonBallot 76 – Public Review of Network Security Controls (Passed) Motion Ben Wilson made the following motion, and Eddy Nigg and Gerv Markham endorsed it: Motion begins Members of the CAB Forum have drafted Network Security Requirements, dated May 14,2012, and setting a baseline level of network security for all certification authorities that operate or manage a root certificate embedded as a trust anchor in publicly distributed browser software. The document is available for review here:
June 12, 2012 by Ben WilsonBallot 76 – Public Review of Network Security Controls (Passed) Motion Ben Wilson made the following motion, and Eddy Nigg and Gerv Markham endorsed it: Motion begins Members of the CAB Forum have drafted Network Security Requirements, dated May 14,2012, and setting a baseline level of network security for all certification authorities that operate or manage a root certificate embedded as a trust anchor in publicly distributed browser software. The document is available for review here:
Ballot 75 – NameConstraints Criticality Flag
June 8, 2012 by Ben WilsonBallot 75 – NameConstraints Criticality Flag (Passed) Motion Kathleen Wilson made the following motion, and Steve Roylance and Adam Langley endorsed it. Motion begins Effective immediately Erratum begins Delete the following text from the “Subordinate CA Certificate” section of both the Baseline Requirements Appendix B and EV Guidelines Appendix B: “All other fields and extensions MUST be set in accordance to RFC 5280.” AND replace it with the following: “F. nameConstraints (optional).
June 8, 2012 by Ben WilsonBallot 75 – NameConstraints Criticality Flag (Passed) Motion Kathleen Wilson made the following motion, and Steve Roylance and Adam Langley endorsed it. Motion begins Effective immediately Erratum begins Delete the following text from the “Subordinate CA Certificate” section of both the Baseline Requirements Appendix B and EV Guidelines Appendix B: “All other fields and extensions MUST be set in accordance to RFC 5280.” AND replace it with the following: “F. nameConstraints (optional).
Ballot 74 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline Requirements
May 31, 2012 by Ben WilsonBallot 74 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline Requirements (Quorum not met) Motion Jeremy Rowley made the following motion, and Dean Coclin and Richard Smith endorsed it: … Motion begins…. Effective immediately. Erratum begins A. Replace the definition of “Domain Authorization” in Section 4 of the Baseline Requirements with the following: “Domain Authorization Document: Documentation provided by, or a CA’s documentation of a communication with, a Domain Name Registrar, the Domain Name Registrant, or the person or entity listed in WHOIS as the Domain Name Registrant (including any private, anonymous, or proxy registration service) attesting to the authority of an Applicant to request a Certificate for a specific Domain Namespace.
May 31, 2012 by Ben WilsonBallot 74 – Updates to Domain and IP Validation, High Risk Requests, and Data Source in the Baseline Requirements (Quorum not met) Motion Jeremy Rowley made the following motion, and Dean Coclin and Richard Smith endorsed it: … Motion begins…. Effective immediately. Erratum begins A. Replace the definition of “Domain Authorization” in Section 4 of the Baseline Requirements with the following: “Domain Authorization Document: Documentation provided by, or a CA’s documentation of a communication with, a Domain Name Registrar, the Domain Name Registrant, or the person or entity listed in WHOIS as the Domain Name Registrant (including any private, anonymous, or proxy registration service) attesting to the authority of an Applicant to request a Certificate for a specific Domain Namespace.
Ballot 72 – Reorganize EV Documents
May 29, 2012 by Ben WilsonBallot 72 – Reorganize EV Documents (Passed Unanimously) Motion Jeremy Rowley made the following motion, and Simon Labram and Rich Smith endorsed it: Motion begins The Forum adopts, with immediate effect, the document entitled “Guidelines For The Issuance And Management Of Extended Validation Certificates, Version 1.4, Draft 04” as Version 1.4 of the EV Guidelines. The Forum also adopts, with immediate effect, the document entitled “Guidelines for the Issuance and Management of Extended Validation Code Signing Certificates” as Version 1.
May 29, 2012 by Ben WilsonBallot 72 – Reorganize EV Documents (Passed Unanimously) Motion Jeremy Rowley made the following motion, and Simon Labram and Rich Smith endorsed it: Motion begins The Forum adopts, with immediate effect, the document entitled “Guidelines For The Issuance And Management Of Extended Validation Certificates, Version 1.4, Draft 04” as Version 1.4 of the EV Guidelines. The Forum also adopts, with immediate effect, the document entitled “Guidelines for the Issuance and Management of Extended Validation Code Signing Certificates” as Version 1.
Ballot 71 – Auditor Qualification Requirements
May 8, 2012 by Ben WilsonBallot 71 – Auditor Qualification Requirements (Passed) Motion Tim Moses made the following motion, and Inigo Barreira and Ben Wilson endorsed it: Motion begins Effective 1 Jan 2013: Erratum begins In the Baseline requirements v1.0 A. In Section 3 (References), add: ETSI Electronic Signatures and Infrastructures (ESI); Trust Service Provider Conformity Assessment – General Requirements and Guidance, available at: http://www.etsi.org/deliver/etsi_ts/119400_119499/119403/01.01.01_60/ts_119403v010101p.pdf Change the WebTrust reference to: WebTrust for Certification Authorities Version 2.
May 8, 2012 by Ben WilsonBallot 71 – Auditor Qualification Requirements (Passed) Motion Tim Moses made the following motion, and Inigo Barreira and Ben Wilson endorsed it: Motion begins Effective 1 Jan 2013: Erratum begins In the Baseline requirements v1.0 A. In Section 3 (References), add: ETSI Electronic Signatures and Infrastructures (ESI); Trust Service Provider Conformity Assessment – General Requirements and Guidance, available at: http://www.etsi.org/deliver/etsi_ts/119400_119499/119403/01.01.01_60/ts_119403v010101p.pdf Change the WebTrust reference to: WebTrust for Certification Authorities Version 2.
Ballot 95 – Guidance on Deprecated Internal Names
March 9, 2012 by Ben WilsonThis ballot was withdrawn.
March 9, 2012 by Ben WilsonThis ballot was withdrawn.
Ballot 64 Revised – Recognized Existence
February 16, 2012 by Ben WilsonBallot 64 Revised – Recognized Existence (Passed Unanimously) Motion Jeremy Rowley made the following motion, and Rich Smith and Stephen Davidson endorsed it: Motion begins Effective immediately: Erratum begins In EV Guidelines v1.3, replace Section 7.2.2(1): The Private Organization MUST be a legally recognized entity whose existence was created by a filing with (or an act of) the Incorporating or Registration Agency in its Jurisdiction of Incorporation or Registration (e.g., by issuance of a certificate of incorporation) or is an entity that is chartered by a state or federal regulatory agency.
February 16, 2012 by Ben WilsonBallot 64 Revised – Recognized Existence (Passed Unanimously) Motion Jeremy Rowley made the following motion, and Rich Smith and Stephen Davidson endorsed it: Motion begins Effective immediately: Erratum begins In EV Guidelines v1.3, replace Section 7.2.2(1): The Private Organization MUST be a legally recognized entity whose existence was created by a filing with (or an act of) the Incorporating or Registration Agency in its Jurisdiction of Incorporation or Registration (e.g., by issuance of a certificate of incorporation) or is an entity that is chartered by a state or federal regulatory agency.
Ballot 65 – QIIS Definition Update
February 9, 2012 by Ben WilsonBallot 65 – QIIS Definition Update (Passed Unanimously) Motion Jeremy Rowley made the following motion, and Rich Smith and Stephen Davidson endorsed it: Motion begins Effective immediately: Erratum begins Replace Section 10.10.5 in the EV Guidelines: A Qualified Independent Information Source (QIIS) is a regularly-updated and current, publicly available, database designed for the purpose of accurately providing the information for which it is consulted, and which is generally recognized as a dependable source of such information.
February 9, 2012 by Ben WilsonBallot 65 – QIIS Definition Update (Passed Unanimously) Motion Jeremy Rowley made the following motion, and Rich Smith and Stephen Davidson endorsed it: Motion begins Effective immediately: Erratum begins Replace Section 10.10.5 in the EV Guidelines: A Qualified Independent Information Source (QIIS) is a regularly-updated and current, publicly available, database designed for the purpose of accurately providing the information for which it is consulted, and which is generally recognized as a dependable source of such information.