CA/Browser Forum posts
Posts by tag Server Certificates
Ballot 37 – Another QGIS
April 6, 2010 by Ben WilsonBallot 37 – Another QGIS (Passed Unanimously) Motion Tim Moses made the following motion, and Robin Alden and Jay Schiavo endorsed it: Rules for verifying an Applicant’s place of business address are specified in Section 10.4.1 with reference to Section 10.2. Section 10.2.2 is transcribed here for the reader’s convenience. “10.2.2 Acceptable Method of Verification (1) Private Organization Subjects: All items listed in Section 10.2.1(1) MUST be verified directly with, or obtained directly from, the Incorporating or Registration Agency in the Applicant’s Jurisdiction of Incorporation or Registration.
April 6, 2010 by Ben WilsonBallot 37 – Another QGIS (Passed Unanimously) Motion Tim Moses made the following motion, and Robin Alden and Jay Schiavo endorsed it: Rules for verifying an Applicant’s place of business address are specified in Section 10.4.1 with reference to Section 10.2. Section 10.2.2 is transcribed here for the reader’s convenience. “10.2.2 Acceptable Method of Verification (1) Private Organization Subjects: All items listed in Section 10.2.1(1) MUST be verified directly with, or obtained directly from, the Incorporating or Registration Agency in the Applicant’s Jurisdiction of Incorporation or Registration.
Ballot 36 – Public WHOIS Information
March 26, 2010 by Ben WilsonBallot 36 – Public WHOIS Information (Passed Unanimously) Motion Tim Moses made the following motion, and Eddy Nigg and Cecilia Kam endorsed it: Motion begins Effective immediately, delete: “10.6 Verification of Applicant’s Domain Name 10.6.1 Verification Requirements To verify the Applicant’s registration, or exclusive control, of the Domain Name(s) to be listed in the EV Certificate, the CA MUST verify that each such Domain Name satisfies the following requirements: (1) The Domain Name is registered with an Internet Corporation for Assigned Names and Numbers (ICANN)-approved registrar or a registry listed by the Internet Assigned Numbers Authority (IANA);
March 26, 2010 by Ben WilsonBallot 36 – Public WHOIS Information (Passed Unanimously) Motion Tim Moses made the following motion, and Eddy Nigg and Cecilia Kam endorsed it: Motion begins Effective immediately, delete: “10.6 Verification of Applicant’s Domain Name 10.6.1 Verification Requirements To verify the Applicant’s registration, or exclusive control, of the Domain Name(s) to be listed in the EV Certificate, the CA MUST verify that each such Domain Name satisfies the following requirements: (1) The Domain Name is registered with an Internet Corporation for Assigned Names and Numbers (ICANN)-approved registrar or a registry listed by the Internet Assigned Numbers Authority (IANA);
Ballot 35 – Role Requirements
January 10, 2010 by Ben WilsonBallot 35 – Role Requirements (Passed Unanimously) Motion Tim Moses made the following motion, and Mads Henriksveen and Jay Schiavo endorsed it: Motion begins The role requirements laid out in Section 9.1.2 are incorrect. Effective immediately, delete: “9.1.2 Role Requirements The following Applicant roles are required for the issuance of an EV Certificate. … One person MAY be authorized by the Applicant to fill one, two, or all three of these roles, provided that the Certificate Approver and Contract Signer are employees of the Applicant.
January 10, 2010 by Ben WilsonBallot 35 – Role Requirements (Passed Unanimously) Motion Tim Moses made the following motion, and Mads Henriksveen and Jay Schiavo endorsed it: Motion begins The role requirements laid out in Section 9.1.2 are incorrect. Effective immediately, delete: “9.1.2 Role Requirements The following Applicant roles are required for the issuance of an EV Certificate. … One person MAY be authorized by the Applicant to fill one, two, or all three of these roles, provided that the Certificate Approver and Contract Signer are employees of the Applicant.
Ballot 34 – Adopt EV Guidelines draft 03 as Version 1.2
October 1, 2009 by Ben WilsonBallot 34 – Adopt EV Guidelines draft 03 as Version 1.2 (Passed) Motion Nick Hales made the following motion, and Bjorn Vermo and Ben Wilson endorsed it: Motion begins The Forum should adopt, with immediate effect, the document entitled “Guidelines For The Issuance And Management Of Extended Validation Certificates, Version 1.2, Draft 03” as Version 1.2 of the EV Guidelines. The document was circulated for review on 20 Aug 2009. The editor may update the document and release further versions to reflect the consensus of the members as it emerges from discussions during the review period.
October 1, 2009 by Ben WilsonBallot 34 – Adopt EV Guidelines draft 03 as Version 1.2 (Passed) Motion Nick Hales made the following motion, and Bjorn Vermo and Ben Wilson endorsed it: Motion begins The Forum should adopt, with immediate effect, the document entitled “Guidelines For The Issuance And Management Of Extended Validation Certificates, Version 1.2, Draft 03” as Version 1.2 of the EV Guidelines. The document was circulated for review on 20 Aug 2009. The editor may update the document and release further versions to reflect the consensus of the members as it emerges from discussions during the review period.
Ballot 30 – Reserved Domain Names
August 7, 2009 by Ben WilsonBallot 30 – Reserved Domain Names (Failed) Motion Ben Wilson made the following motion, and Eddy Nigg and Bruce Morton endorsed it. Motion begins Effective 90 days following ratification of the ballot, the Guidelines should be amended by the following errata. Errata begin Delete Section 6(a)(2) and replace it with: “(2) Domain name Certificate Field subjectAlternativeName:dNSName Required/Optional Required Contents There MUST be at least one instance of this field that is associated with the Subject’s server(s), which MAY be owned and operated by the Subject or another entity (e.
August 7, 2009 by Ben WilsonBallot 30 – Reserved Domain Names (Failed) Motion Ben Wilson made the following motion, and Eddy Nigg and Bruce Morton endorsed it. Motion begins Effective 90 days following ratification of the ballot, the Guidelines should be amended by the following errata. Errata begin Delete Section 6(a)(2) and replace it with: “(2) Domain name Certificate Field subjectAlternativeName:dNSName Required/Optional Required Contents There MUST be at least one instance of this field that is associated with the Subject’s server(s), which MAY be owned and operated by the Subject or another entity (e.
Ballot 31 – Allow ETSI 102 042
August 6, 2009 by Ben WilsonBallot 31 – Allow ETSI 102 042 (Passed) Motion Iñigo Barreira has made the following motion, and Bjorn Vermo and Tom Albertson have endorsed it: Motion begins On page 3, replace: “Other groups that have participated in the process of developing these Guidelines include members of the Information Security Committee of the American Bar Association Section of Science & Technology Law, and WebTrust for CA. Participation by such groups does not imply their endorsement, recommendation or approval of the final product.
August 6, 2009 by Ben WilsonBallot 31 – Allow ETSI 102 042 (Passed) Motion Iñigo Barreira has made the following motion, and Bjorn Vermo and Tom Albertson have endorsed it: Motion begins On page 3, replace: “Other groups that have participated in the process of developing these Guidelines include members of the Information Security Committee of the American Bar Association Section of Science & Technology Law, and WebTrust for CA. Participation by such groups does not imply their endorsement, recommendation or approval of the final product.
Ballot 33- Subject Attribute Requirements
August 4, 2009 by Ben WilsonBallot 33- Subject Attribute Requirements (Passed Unanimously) Motion Steve Roylance made the following motion, and Johnathan Nightingale and Jay Schiavo endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Delete the following paragraph from Section 6. EV Certificate Content Requirements This section sets forth minimum requirements for the content of the EV Certificate as they relate to the identity of the CA and the Subject of the EV Certificate.
August 4, 2009 by Ben WilsonBallot 33- Subject Attribute Requirements (Passed Unanimously) Motion Steve Roylance made the following motion, and Johnathan Nightingale and Jay Schiavo endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Delete the following paragraph from Section 6. EV Certificate Content Requirements This section sets forth minimum requirements for the content of the EV Certificate as they relate to the identity of the CA and the Subject of the EV Certificate.
Ballot 32 – Revocation for Well-Known Private Key
July 29, 2009 by Ben WilsonBallot 32 – Revocation for Well-Known Private Key (Passed Unanimously) Motion Bruce Morton made the following motion, and Eddy Nigg and Nick Hales endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Delete the following paragraph from Section 27(b)3 of the Guidelines for the Processing of Extended Validation Certificates v1.1: “The CA obtains reasonable evidence that the Subscriber’s Private Key (corresponding to the Public Key in the EV Certificate) has been compromised, or that the EV Certificate has otherwise been misused;”
July 29, 2009 by Ben WilsonBallot 32 – Revocation for Well-Known Private Key (Passed Unanimously) Motion Bruce Morton made the following motion, and Eddy Nigg and Nick Hales endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Delete the following paragraph from Section 27(b)3 of the Guidelines for the Processing of Extended Validation Certificates v1.1: “The CA obtains reasonable evidence that the Subscriber’s Private Key (corresponding to the Public Key in the EV Certificate) has been compromised, or that the EV Certificate has otherwise been misused;”
Ballot 29 – Guidelines Renumbering
July 14, 2009 by Ben WilsonBallot 29 – Guidelines Renumbering (Passed) Motion Tim Moses has made the following motion, and Bjorn Vermo and Nick Hales have endorsed it: Motion begins Effective upon ratification of Version 1.2, the Guidelines should be renumbered in accordance with the following table. Proposed section number -> Current section label Front matter -> Front matter, A.1.(c) Guidelines Issuing Authority, A.1.(d) Revisions to Guidelines paras 1 and 2 ToC -> ToC Scope -> A.
July 14, 2009 by Ben WilsonBallot 29 – Guidelines Renumbering (Passed) Motion Tim Moses has made the following motion, and Bjorn Vermo and Nick Hales have endorsed it: Motion begins Effective upon ratification of Version 1.2, the Guidelines should be renumbered in accordance with the following table. Proposed section number -> Current section label Front matter -> Front matter, A.1.(c) Guidelines Issuing Authority, A.1.(d) Revisions to Guidelines paras 1 and 2 ToC -> ToC Scope -> A.
Ballot 27 – Alternatives for Verifying Domain Control
May 26, 2009 by Ben WilsonBallot 27 – Alternatives for Verifying Domain Control (Rejected) Motion Steve Roylance made the following motion, and Bruce Morton and Bjørn Vermo endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace 18(b)(2)(B): (B) In cases where the registered domain holder cannot be contacted, the CA MUST: (1) Rely on a Verified Legal Opinion to the effect that Applicant has the exclusive right to use the specified domain name in identifying itself on the Internet, and
May 26, 2009 by Ben WilsonBallot 27 – Alternatives for Verifying Domain Control (Rejected) Motion Steve Roylance made the following motion, and Bruce Morton and Bjørn Vermo endorsed it: Motion begins The Guidelines should be amended by the following erratum. Erratum begins Replace 18(b)(2)(B): (B) In cases where the registered domain holder cannot be contacted, the CA MUST: (1) Rely on a Verified Legal Opinion to the effect that Applicant has the exclusive right to use the specified domain name in identifying itself on the Internet, and