CA/Browser Forum posts
Posts by tag Server Certificates
Ballot 145 – Operational Existence for Government Entities
February 19, 2015 by Ben WilsonBallot 145 – Operational Existence for Government Entities Reason Because government entities aren’t operating as businesses, they are often not listed with a QIIS, especially immediately after the entity is created by either statute or order. The legal existence of these entities is verifiable through a QGIS, but this source in many countries (especially Arabic and African countries) does not always list a date of creation of these entities. Operational existence exists to ensure organizations aren’t fly-by-night scams/phishing entities. With government entities, these same risks are not present as they are created directly by government action.
February 19, 2015 by Ben WilsonBallot 145 – Operational Existence for Government Entities Reason Because government entities aren’t operating as businesses, they are often not listed with a QIIS, especially immediately after the entity is created by either statute or order. The legal existence of these entities is verifiable through a QGIS, but this source in many countries (especially Arabic and African countries) does not always list a date of creation of these entities. Operational existence exists to ensure organizations aren’t fly-by-night scams/phishing entities. With government entities, these same risks are not present as they are created directly by government action.
Ballot 144 – Validation rules for .onion names
February 18, 2015 by Ben WilsonBallot 144 – Validation Rules for .onion Names – passed with 6 Yes votes, 2 No votes and 13 Abstentions from the CAs and 3 Yes votes from the browsers. Detailed results are on the Forum’s ballot tracker (Ballot Results – Vote Tally at the bottom of the Ballots page on the Forum’s wiki). Ballot 144 reads as follows: Applicants want a CA-signed .onion address for several reasons, including: – Powerful web platform features are restricted to secure origins, which are currently not available to onion names (in part, because of the lack of IANA registration). Permitting EV certs for onion names will help provide a secure origin for the service, moving onion towards use of powerful web platform features.
February 18, 2015 by Ben WilsonBallot 144 – Validation Rules for .onion Names – passed with 6 Yes votes, 2 No votes and 13 Abstentions from the CAs and 3 Yes votes from the browsers. Detailed results are on the Forum’s ballot tracker (Ballot Results – Vote Tally at the bottom of the Ballots page on the Forum’s wiki). Ballot 144 reads as follows: Applicants want a CA-signed .onion address for several reasons, including: – Powerful web platform features are restricted to secure origins, which are currently not available to onion names (in part, because of the lack of IANA registration). Permitting EV certs for onion names will help provide a secure origin for the service, moving onion towards use of powerful web platform features.
Ballot 143 – Formalization of Validation Working Group
February 18, 2015 by Ben WilsonBallot 143 – Formalization of Validation Working Group Reason In order to address validation issues and inconsistencies in both the SSL Baseline Requirements and the EV Guidelines, the CAB Forum has held an informal working group previously referred to as the Extended Validation Working Group now known as the Validation Working Group, would like to modify its scope to include validation in the Baseline Requirements as well as the EV Guidelines.
February 18, 2015 by Ben WilsonBallot 143 – Formalization of Validation Working Group Reason In order to address validation issues and inconsistencies in both the SSL Baseline Requirements and the EV Guidelines, the CAB Forum has held an informal working group previously referred to as the Extended Validation Working Group now known as the Validation Working Group, would like to modify its scope to include validation in the Baseline Requirements as well as the EV Guidelines.
Ballot 142 – Elimination of EV Insurance Requirement
January 19, 2015 by Ben WilsonElimination of EV Insurance Requirement Voting on Ballot 142 closed on 19 January 2015.
January 19, 2015 by Ben WilsonElimination of EV Insurance Requirement Voting on Ballot 142 closed on 19 January 2015.
Ballot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates
January 19, 2015 by Ben WilsonBallot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates Voting on Ballot 141 closed on 19 January 2015.
January 19, 2015 by Ben WilsonBallot 141 – Elimination of EV Insurance Requirement; Financial Responsibility for Mis-Issued Certificates Voting on Ballot 141 closed on 19 January 2015.
Ballot 135 – ETSI Auditor Qualifications (passed)
October 16, 2014 by Ben WilsonBallot 135 – ETSI Auditor Qualifications Voting on Ballot 135 – ETSI Auditor Qualifications closed on 16 October 2014.
October 16, 2014 by Ben WilsonBallot 135 – ETSI Auditor Qualifications Voting on Ballot 135 – ETSI Auditor Qualifications closed on 16 October 2014.
Ballot 134 – Application of RFC 5280 to Pre-certificates
October 16, 2014 by Ben WilsonBallot 134 – Application of RFC 5280 to Pre-certificates Voting on Ballot 134 – Application of RFC 5280 to Pre-certificates closed on 16 October 2014.
October 16, 2014 by Ben WilsonBallot 134 – Application of RFC 5280 to Pre-certificates Voting on Ballot 134 – Application of RFC 5280 to Pre-certificates closed on 16 October 2014.
Ballot 123 – Reuse of Information (passed)
October 16, 2014 by Ben WilsonVoting on Ballot 123 – Reuse of Information closed on 16 October 2014. The Chair received “yes” votes from Actalis, ANF, Buypass, Certinomis, Chunghwa Telecom, Comodo, DigiCert, Disig, Entrust, GlobalSign, GoDaddy, Google, Izenpe, Kamu Sertifikasyon Merkezi, Logius PKIoverheid, Microsoft, Mozilla, Opentrust, QuoVadis, SSC, Symantec, Trend Micro, TURKTRUST, TWCA, and WoSign. Opera abstained. Therefore, Ballot 123 passed. This is the ballot from the EV working group that attempts to clarify the language in 11.14 (11.13 previous to the verified method of communication ballot) without changing any of the requirements. Previous section 11.13 was poorly organized with lots of semi-conflicting statements on when data re-verification was required. Changes were not tracked in this ballot as every single section was moved or rewritten, making any comparison futile.
October 16, 2014 by Ben WilsonVoting on Ballot 123 – Reuse of Information closed on 16 October 2014. The Chair received “yes” votes from Actalis, ANF, Buypass, Certinomis, Chunghwa Telecom, Comodo, DigiCert, Disig, Entrust, GlobalSign, GoDaddy, Google, Izenpe, Kamu Sertifikasyon Merkezi, Logius PKIoverheid, Microsoft, Mozilla, Opentrust, QuoVadis, SSC, Symantec, Trend Micro, TURKTRUST, TWCA, and WoSign. Opera abstained. Therefore, Ballot 123 passed. This is the ballot from the EV working group that attempts to clarify the language in 11.14 (11.13 previous to the verified method of communication ballot) without changing any of the requirements. Previous section 11.13 was poorly organized with lots of semi-conflicting statements on when data re-verification was required. Changes were not tracked in this ballot as every single section was moved or rewritten, making any comparison futile.