Re: [cabfpub] Ballot 185 (Revised) - Limiting the Lifetime of Certificates

DigiCert votes NO - we prefer a two-year certificate validity period and we're hopeful that with further discussion we can come to a consensus of two years. Our customers just aren't ready for a shorter certificate lifetime. From: Josh Aas via

Re: [cabfpub] Ballot 188 - Clarify use of term "CA" in Baseline Requirements

s amendment. > > > > Ben > > > > From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via > Public > Sent: Tuesday, February 21, 2017 11:21 AM > To: public@cabforum.org > Cc: Ben Wilson <ben.wil...@digicert.com> > Subject: Re:

Re: [cabfpub] Ballot 188 - Clarify use of term "CA" in Baseline Requirements

This is a reminder that discussion is currently open on Ballot 188. The discussion period closes and voting begins at 2200 UTC on Thursday. Please take time to review the proposed changes before then. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dimitris Zacharopoulos via

Re: [cabfpub] Ballot 183 was approved

The current bylaws are now posted on the website – <https://cabforum.org/bylaws/> https://cabforum.org/bylaws/ A redlined version is here: <https://cabforum.org/wiki/Bylaws> https://cabforum.org/wiki/Bylaws From: Public [mailto:public-boun...@cabforum.org] On Behalf O

Re: [cabfpub] Ballot 183 was approved

My apologies, I think Kirk asked me to prepare an updated version. I’ll post one today. Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via Public Sent: Thursday, February 9, 2017 1:57 PM To:

Re: [cabfpub] SMIME Group Email List

r to working on a charter, should we resolve the governance issues about whether such things should be charterable? On Thu, Feb 9, 2017 at 8:28 AM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: Prior to the chartering of the SMIME working gro

[cabfpub] Updated Baseline Requirements and EV Guidelines

The most current version of the Baseline Requirements (v.1.4.2) and EV Guidelines (v.1.6.1) are on the wiki, Github, and public web site. See https://cabforum.org/baseline-requirements-documents/ and https://cabforum.org/extended-validation/. Please let me know if you have any questions. Ben

[cabfpub] Call for Interest in Chartering S/MIME Working Group

This is a call for interest of CAB Forum members in participating in the chartering of a working group to work on S/MIME certificate guidelines. If you are interested, please send me an email and I'll add you to the group of interested members. smime.p7s Description: S/MIME

Re: [cabfpub] Voting has started on Ballot 181 - ends January 7

DigiCert "Abstains" on Ballot 181 Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via Public Sent: 02 January 2017 18:29 To: CA/Browser Forum Public Discussion List

Re: [cabfpub] Voting has started on Ballot 180 - ends January 7

DigiCert "Abstains" on Ballot 180 Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via Public Sent: 02 January 2017 18:28 To: CA/Browser Forum Public Discussion List

Re: [cabfpub] Naming rules

Ryan, I suppose you are unwilling to suggest language that would correct this perceived flaw in the proposal? Ben From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via Public Sent: Tuesday, March 28, 2017 8:17 AM To: Rich Smith Cc: Ryan

Re: [cabfpub] Naming rules

in their DIT are uniquely identifiable, but in their totality are not. On Fri, Mar 24, 2017 at 5:46 PM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: Attached is a redlined snippet from the Baseline Requirements. It proposes adding

Re: [cabfpub] Question on form of Review Notices

Just in case a "full" copy of the EV Guidelines or Baseline Requirements is deemed necessary, redlined versions have now been posted at https://cabforum.org/baseline-requirements-documents/ and

Re: [cabfpub] Naming rules

One alternative is to just drop the criterion, and then it doesn’t create an issue. “This field is also optional if the Relative Distinguished Name (RDN) matches the RDN of an organization’s registration in a national-government-adopted X.500 directory that does not contain the localityName

Re: [cabfpub] CAB Forum membership criteria

What about "While suspended, CAs may attend meetings but not vote." ? If someone makes a Contribution, I see that as something positive, because under 6.4.c. of the IPR Policy, "CAB Forum Participants that submit Contributions, by making a Contribution, represent and warrant that, to the

Re: [cabfpub] RFC5280-related Ballot - For Discussion

viewed prior to the production of 5280 - that is, it was known at the time 5280 was produced, and was decided not to adopt - see https://www.ietf.org/mail-archive/web/pkix/current/msg02357.html and https://www.ietf.org/mail-archive/web/pkix/current/msg02336.html On Mon, Apr 3, 2017 at 11:22 AM, Ben Wilso

Re: [cabfpub] RFC5280-related Ballot - For Discussion

i via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: That's an interesting take. I read the same discussions and took quite the opposite conclusion. On Mon, Apr 10, 2017 at 3:23 PM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforu

[cabfpub] RFC5280-related Ballot - For Discussion

Here is a redlined version of sections 7.1.4.2.1 and 7.1.4.2.2 of the Baseline Requirements which proposes amendments to the way the Baseline Requirements handle the maximum length for subjectAltName, commonName and organizationName and also clarifies the use of the underscore character.

Re: [cabfpub] Ballot 189 (revised) - Amend Section 6.1.7 of Baseline Requirements

DigiCert votes “Yes” From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dimitris Zacharopoulos via Public Sent: Wednesday, April 5, 2017 1:47 AM To: public@cabforum.org Cc: Dimitris Zacharopoulos Subject: [cabfpub] Ballot 189 (revised) - Amend Section 6.1.7 of

Re: [cabfpub] Ballot 196: Define "Audit Period"

DigiCert votes “yes” From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Monday, April 3, 2017 12:06 PM To: CABFPub Cc: Gervase Markham Subject: [cabfpub] Ballot 196: Define "Audit Period" Ballot 196 -

Re: [cabfpub] Ballot 194 – Effective Date of Ballot 193 Provisions

DigiCert votes “yes” From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Chris Bailey via Public Sent: Sunday, April 2, 2017 2:27 PM To: public@cabforum.org Cc: Chris Bailey Subject: [cabfpub] Ballot 194 – Effective Date of Ballot 193 Provisions

Re: [cabfpub] Ballot 195: CAA Fixup

DigiCert votes “yes” From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Monday, April 3, 2017 11:58 AM To: CABFPub Cc: Gervase Markham Subject: [cabfpub] Ballot 195: CAA Fixup Ballot 195 - CAA Fixup

Re: [cabfpub] RFC5280-related Ballot - For Discussion

r Discussion No, encoding it as a UTF8String is not valid in the subjectAltName (whose type dNSName is defined as IA5String) On Tue, Apr 11, 2017 at 4:31 PM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: If the ballot were amended to address on

Re: [cabfpub] RFC5280-related Ballot - For Discussion

public@cabforum.org <mailto:public@cabforum.org> > wrote: No, encoding it as a UTF8String is not valid in the subjectAltName (whose type dNSName is defined as IA5String) On Tue, Apr 11, 2017 at 4:31 PM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org>

Re: [cabfpub] RFC5280-related Ballot - For Discussion

e definition of? The spec provides extensibility mechanisms that allow you to do what you want without breaking compliant code. On Apr 13, 2017, at 12:42 PM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: Any endorsers? From: Public [mailto:pub

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs On Thu, Apr 20, 2017 at 1:07 PM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: All, I’m looking for two endorsers for a proposed amendment to section 7.1.4.2.1 of the Baseline Requ

[cabfpub] Pre-Ballot: Underscore Characters in SANs

All, I'm looking for two endorsers for a proposed amendment to section 7.1.4.2.1 of the Baseline Requirements--to be modified to allow the underscore character ("_") in SANs and to remove the sunset language in that section related to internal names and reserved IP addresses. The revised

Re: [cabfpub] Life after Ballot 188 - Clarify use of term "CA" in Baseline Requirements

Previously Ryan raised several concerns he had regarding Ballot 188. As discussed below, some of those concerns were not germane to the ballot, but were suggestions for future policy changes because the Working Group endeavored that the ballot be policy-neutral. I am not arguing that we were

Re: [cabfpub] Voting has started on Ballot 193 - 825-day Certificate Lifetimes

Digicert votes “Yes” From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Kirk Hall via Public Sent: Saturday, March 11, 2017 10:20 AM To: CA/Browser Forum Public Discussion List Cc: Kirk Hall Subject: [cabfpub] Voting has started

Re: [cabfpub] Pre-Ballot 209 EV Liability

31, 2017 9:27 AM To: Ben Wilson <ben.wil...@digicert.com>; CA/Browser Forum Public Discussion List <public@cabforum.org> Subject: Re: [cabfpub] Pre-Ballot 209 EV Liability On 25/07/17 21:59, Ben Wilson via Public wrote: > Here is another pre-ballot for discussion. Can you explai

Re: [cabfpub] [EXTERNAL]Re: Ballot 190 - Recording BR Version Number

sed on approved ballots rather than being dependent on BR version numbers 3. Doesn’t require a separate section of the BRs to be updated and kept in synch 4. Can easily be added to ballot 190 while we’re waiting for ballot 202 Thanks, Wayne On 8/1/17, 9:28 AM, "Public on behalf of B

Re: [cabfpub] Ballot 204: Forbid DTPs from doing Domain/IP Ownership Validation

DigiCert votes “yes” on Ballot 204. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Monday, June 26, 2017 8:18 AM To: CABFPub > Subject: [cabfpub] Ballot 204: Forbid DTPs from doing Domain/IP

[cabfpub] CABF Plenary Teleconference Calls

All, If it's alright, and for the benefit of members located in Asia, I'm going to start posting the WebEx recordings of CAB Forum plenary meeting calls to the wiki. Access to the recording of today's call is available here: https://cabforum.org/wiki/Teleconference%20recordings Ben

Re: [cabfpub] Pre-Ballot 209 EV Liability

ilto:public@cabforum.org> <public@cabforum.org> Subject: Re: [cabfpub] Pre-Ballot 209 EV Liability Hi Ben, could it be "or" between (1) and (2)? Thanks, M.D. On 7/25/2017 11:59 PM, Ben Wilson via Public wrote: Here is another pre-ballot for discussion. Ballot 209 - EV L

Re: [cabfpub] Pre-Ballot 209 EV Liability

Never mind – I think I now see your point. Not “up to” it needs to be “not less than $5 million.” Would that make it clearer? Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Tuesday

Re: [cabfpub] Pre-Ballot 209 EV Liability

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Tuesday, July 25, 2017 5:10 PM To: Moudrick M. Dadashov <m...@ssc.lt <mailto:m...@ssc.lt> >; CA/Browser Forum Public Discussion List <public@cabforum.org <mailto:public@cabforum.org&

Re: [cabfpub] Ballot 202 - Underscore and Wildcard Characters

Jul 12, 2017, at 10:24 AM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: Ballot 202 - Underscore and Wildcard Characters The current Baseline Requirements do not expressly allow underscore characters in Subject Alternative Names. This ballot see

Re: [cabfpub] Ballot 202 - Underscore and Wildcard Characters

DigiCert votes “Yes” From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Wednesday, July 19, 2017 4:34 PM To: Peter Bowen <p...@amzn.com>; CA/Browser Forum Public Discussion List <public@cabforum.org>; Ryan Sleevi <sle...@google.c

Re: [cabfpub] [EXTERNAL]Re: Ballot 190 - Recording BR Version Number

Maybe someone could provide an example of how the BR version number would appear at the end of each validation method? For example, would it look like this? [BR 1.5.0] - with the implication that the method was allowed as of BR v. 1.5.0 going forward until the current version of the BRs? If

Re: [cabfpub] Updated Ballot 190 v2 dated June 29, 2017

Here is the comment tracking document. https://docs.google.com/spreadsheets/d/1uhKyrW9v9dDqgo4sVxoRx5e7sw0GE6zDoYqe EoE1WiI/edit?usp=sharing (If you make any changes, be sure to save a copy of

Re: [cabfpub] Ballot 192 - Notary revision

Digicert votes "yes" From: Bruce Morton via Public Sent: ‎6/‎25/‎2017 3:56 PM To: CA/Browser Forum Public Discussion List Subject: Re: [cabfpub] Ballot 192 - Notary revision Entrust votes Yes to ballot 192.

Re: [cabfpub] Ballot 205: Membership-Related Clarifications

DigiCert votes “yes” From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Thursday, June 22, 2017 5:43 AM To: CABFPub Subject: [cabfpub] Ballot 205: Membership-Related Clarifications Ballot 205: Membership-Related

Re: [cabfpub] Voting on Ballot 192 ends tomorrow (Wed. June 28) at 22:00 UTC

Please vote so that we reach quorum From: Kirk Hall via Public Sent: ‎6/‎27/‎2017 2:54 PM To: CA/Browser Forum Public Discussion List Subject: [cabfpub] Voting on Ballot 192 ends tomorrow (Wed. June 28) at

Re: [cabfpub] Four sets of changes for proposed ballots

I’m helping to prepare ballots for these four sets of changes. So far, here are the anticipated endorsers: Peter B., Ryan S. and I intend to present the “underscores” ballot shortly (Ballot 202). I believe that Peter and Li Chun Chen will be presenting the ASN1 ballot, and I’m willing to

Re: [cabfpub] Ballot 197 – Effective Date of Ballot 193 Provisions (amended April 26)

DigiCert votes “yes” From: Public > on behalf of Kirk Hall via Public > Reply-To: CA/Browser Forum Public Discussion List > Date:

Re: [cabfpub] Baseline Requirements v. 1.4.6

All versions are now posted here - <https://cabforum.org/baseline-requirements-documents/> https://cabforum.org/baseline-requirements-documents/ I will upload them to the wiki and update the GitHub version. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via

Re: [cabfpub] [EXTERNAL]Re: Ballot 190 - Recording BR Version Number

Are we talking about what the CA records in its database for the validation method used, or are we talking about annotating the BRs with a record of when a change was made? -Original Message- From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent:

Re: [cabfpub] [EXTERNAL]Re: Ballot 190 - Recording BR Version Number

There are two sides to this - one is with the CAs, where they record what method was used, and the other is at the CA/Browser Forum level, where someone maintains a chart, or whatever, of validation methods in effect, and historically which ones were effective during which periods.

Re: [cabfpub] Random value reuse

Putting the issue of "reuse" aside, do we need to clarify this issue of which random value methods can be used in combination with others? It seems that a random value could be provided to the domain contact / admin under methods 2, 3 (if you wanted) or 4 and then used within 30 days for

Re: [cabfpub] Random value reuse

g> >>> Cc: Gervase Markham <g...@mozilla.org>; Jeremy Rowley >>> <jeremy.row...@digicert.com>; Rich Smith <richard.sm...@comodo.com>; >>> Peter Bowen <p...@amzn.com> >>> Subject: Re: [cabfpub] Random value reuse >>> >>> I thi

Re: [cabfpub] Random value reuse

it was sent… > On 9 Aug 2017, at 1:54 pm, Ben Wilson via Public <public@cabforum.org> wrote: > > Putting the issue of "reuse" aside, do we need to clarify this issue of > which random value methods can be used in combination with others? It seems > that a rando

Re: [cabfpub] Pre-Ballot 209 EV Liability

hink I now see your point. Not “up to” it needs to be “not less than $5 million.” Would that make it clearer? Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Tuesday, July 25, 2017 5:10 PM

Re: [cabfpub] Revocation Timeframe Ballot Language

red in https://cabforum.org/pipermail/public/2015-March/005312.html Are there new concerns why that approach wouldn't work? On Tue, May 2, 2017 at 7:23 PM, Ben Wilson via Public <public@cabforum.org<mailto:public@cabforum.org>> wrote: All, Attached is a redlined Word doc con

Re: [cabfpub] Profiling OCSP & CRLs

onable expectations. That is, there's a lot - a *lot* - that can go wrong with 1 year OCSP responders/CRLs. So if we're going to allow them, we need CAs to think about the technical risks and make proactive suggestions on how best to codify that. Because just a blanket "1 year respond

[cabfpub] Network Security Controls

One of the sources of external standards mentioned during our last face-to-face meeting was CIS' List of 20 Critical Security Controls, which I've uploaded here to the wiki for your reference - https://cabforum.org/wiki/Security. (Previous drafts of the network security requirements can be found

Re: [cabfpub] Baseline Requirements "Certificate Policy" for the Issuance and Management of Publicly-Trusted Certificates

I’d support removing the words “Certificate Policy” from the document title, if that is the request, but I am fine with whatever the group decides. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Rich Smith via Public Sent: Wednesday, June 21, 2017 5:51 PM To: 'Ryan Sleevi'

Re: [cabfpub] Ballot 191 - Clarify Place of Business Information

Just a clarification for everyone, the text below was copied out of the wiki with wiki markup language, so the following text is being deleted --(City, State, and country - Required; Street and postal code - Optional)-(the open and close parentheses with dashes indicates a deletion). From:

Re: [cabfpub] Ballot 200 - Amendment of Bylaws to add Code of Conduct

DigiCert votes “Yes” From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Virginia Fournier via Public Sent: Tuesday, May 16, 2017 2:55 PM To: CA/Browser Forum Public Discussion List Cc: Virginia Fournier Subject: [cabfpub] Ballot 200 -

Re: [cabfpub] Ballot 191 - Clarify Place of Business Information

f Business Information Here is a markup of BR section 9.2.7 for ballot 191. Thanks, Bruce. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Thursday, May 18, 2017 11:18 AM To: CA/Browser Forum Public Discussion List <public@cabforum.org<mailto:p

Re: [cabfpub] [EXTERNAL]Re: Revised Notice of Review Period - Ballot 198 - .Onion Revisions

lic@cabforum.org> and voted on - which included the redline changes). That is, it's unclear whether the text Kirk included in the Review Notice - which is different than the ballot (since it omits the redlines) - supersedes/replaces the Ballot itself. Does this capture every possible in

Re: [cabfpub] Revised Notice of Review Period - Ballot 198 - .Onion Revisions

n the Review Notice - which is different than the ballot (since it omits the redlines) - supersedes/replaces the Ballot itself. Does this capture every possible interpretation? Are the others? On Tue, May 16, 2017 at 1:00 PM, Ben Wilson via Public <public@cabforum.org <mailto:

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs

Let me word this another way. Who believes that an underscore character cannot be the first character in an FQDN? -Original Message- From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Thursday, June 1, 2017 12:22 PM To: Peter Bowen <p...@amzn.

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs

positions permitted to contain a hyphen character` 2) I would suggest adding a definition of Wildcard Domain Name and then using it here. `Wildcard Domain Name: A Domain Name formed by prepending "*." to a FQDN` Thanks, Peter On May 25, 2017, at 1:08 PM, Ben Wilson via Public <

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs

ot start or end a label. I suggest `one or more underscore characters (“_”) may be present in the FQDN in positions permitted to contain a hyphen character` 2) I would suggest adding a definition of Wildcard Domain Name and then using it here. `Wildcard Domain Name: A Domain Name formed by prep

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs

omain Name: A Domain Name formed by prepending "*." to a FQDN` Thanks, Peter > On May 25, 2017, at 1:08 PM, Ben Wilson via Public <public@cabforum.org> > wrote: > > I’m looking for two endorsers for Ballot 202 – Underscore Characters > in SANS The current Baseli

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs

fully support a defense in depth approach that reflects CAs obligations and expectations to abide by the relative standards and wellformedness. On Thu, Jun 1, 2017 at 2:21 PM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: Peter, Respectfully, I

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs

of Wildcard Domain Name and then using it here. `Wildcard Domain Name: A Domain Name formed by prepending "*." to a FQDN` Thanks, Peter On May 25, 2017, at 1:08 PM, Ben Wilson via Public <public@cabforum.org <mailto:public@cabforum.org> > wrote: I’m looking for two endo

Re: [cabfpub] Ballot 199 - Require commonName in Root and Intermediate Certificates

DigiCert votes yes. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Doug Beattie via Public Sent: Friday, May 5, 2017 12:42 PM To: CA/Browser Forum Public Discussion List Cc: Doug Beattie Subject: Re: [cabfpub] Ballot 199 -

Re: [cabfpub] Ballot 199 - Require commonName in Root and Intermediate Certificates

Two questions, Gerv. 1 - Does this ballot rule out “vanity CAs” – CAs with customer names in the subject field, even though the key is held by the root CA? (I can provide further clarification, and/or examples, if necessary. 2- What is the full current wording of Ballot 199? Thanks,

Re: [cabfpub] Pre-Ballot: Underscore Characters in SANs

eserved IP Address. --Motion Ends-- Thanks, Ben From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Thursday, April 20, 2017 12:09 PM To: Ryan Sleevi <sle...@google.com>; CA/Browser Forum Public Discussion List <public@cabforum.org> C

Re: [cabfpub] Preballot - Revised Ballot 190

Pre-validation is a common practice. Here is scenario: 1 – a. Customer signs a contract with domains listed therein, or b. signs up for an account, obtains a username/password and submits domain names. 2 – CA starts the domain validation process 3 – Customer submits CSR 4 – CA

[cabfpub] Ballot 190 and BR v. 1.5.2

With passage of Ballot 190, I have created a new version 1.5.2 of the Baseline Requirements, which I'll post shortly to the Forum website. However, we've noticed in creating this version 1.5.2 that Ballot 190 was drafted before passage of Ballot 204, which removed "or Delegated Third Party" from

Re: [cabfpub] Voting has started on Ballot 190

DigiCert votes “yes” From: Public > on behalf of Kirk Hall via Public > Reply-To: Kirk Hall >, CA/Browser

Re: [cabfpub] [EXTERNAL]Missing Failed Ballots results on webpage

Ryan and Kirk, I’ve posted the three failed ballots to the CA/Browser Forum website now. https://cabforum.org/2017/02/24/ballot-185-limiting-lifetime-certificates/

Re: [cabfpub] BRs, EVGLs, and "latest version"

Would all of the browsers need to adopt some type of statement to the effect that "all CAs are expected to comply with the most recent version of the Baseline Requirements and EV Guidelines? It seems you are just moving the statement/requirement from one place to another? -Original

Re: [cabfpub] BRs, EVGLs, and "latest version"

Ryan, One issue with the qualified audit, as was expressed during the face-to-face meeting, although I haven’t been able to find it, is that Microsoft apparently requires the WebTrust seal, which is based on an unqualified audit. If anyone can point me to the requirement, I’d appreciate

Re: [cabfpub] Pre-Ballot 209 EV Liability

on 9.9 of the Baseline Requirements. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Tuesday, July 25, 2017 6:37 PM To: Moudrick M. Dadashov <mailto:m...@ssc.lt> <m...@ssc.lt>; CA/Browser Forum Public Discussion List <mailto:publ

Re: [cabfpub] Voting has started on Ballot 210 (NetSec Revisions)

ions) Entrust votes yes From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Saturday, August 12, 2017 8:30 PM To: CABFPub <public@cabforum.org<mailto:public@cabforum.org>> Subject: cabfpub] Ballot 210: Misc. Changes to the Network and

[cabfpub] Ballots 210 and 212

The documents amended by Ballots 210 and 212 (the Network and Certificate System Security Requirements and the Baseline Requirements, respectively), have been updated on GitHub and are live now on the CA/Browser Forum website. I'll upload the Word versions of the files up to the wiki shortly.

Re: [cabfpub] Ballot 212: Canonicalise formal name of the Baseline Requirements

DigiCert votes “yes” Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: Friday, August 18, 2017 9:06 AM To: CABFPub Subject: [cabfpub] Ballot 212: Canonicalise

Re: [cabfpub] Ballot 217: Sunset RFC 2527

DigiCert votes "Yes" on Ballot 217 On 7 Dec 2017, at 16:52, Ryan Sleevi via Public > wrote: Ballot 217: Sunset RFC 2527 Purpose of Ballot: The Baseline Requirements and Extended Validation Guidelines require that CA's disclosures of

Re: [cabfpub] Ballot 216: Update Discussion Period Process

DigiCert votes “Yes” on Ballot 216 On Tue, Dec 12, 2017 at 1:51 PM, Gervase Markham via Public > wrote: [Updated endorsers, 2nd attempt. Timeline unchanged.] Ballot 216: Update Discussion Period Process Purpose of Ballot: The current voting

Re: [cabfpub] CAA working group description

Let’s put this on the agenda for next CABF teleconference. Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Geoff Keating via Public Sent: Monday, October 9, 2017 5:04 PM To: Phillip ;

[cabfpub] Draft Charter for Server Certificate Working Group

For everyone's review, here is a draft charter from the Governance Reform Committee. This charter would be attached to Ballot 206 (Amendment to IPR Policy & Bylaws re Working Group Formation) and would create the Server Certificate Working Group under the new structure of the Forum.

[cabfpub] New Server Certificate Working Group

Hi All, As Kirk mentioned during the teleconference call yesterday, we are in the process of spinning up the Server Certificate Working Group and will hold our first meeting on July 12. Kirk and I will be sending out a more formal announcement of that meeting and solicitation for

Re: [cabfpub] Ballot 208 - dnQualifiers

DigiCert votes "yes" on Ballot 208 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ben Wilson via Public Sent: Thursday, October 12, 2017 12:05 PM To: CABFPub <public@cabforum.org> Subject: [cabfpub] Ballot 208 - dnQualifiers Ballot 208 - dnQualifiers Th

[cabfpub] Minutes for CA/Browser Forum Teleconference – Oct. 12, 2017

Minutes for CA/Browser Forum Teleconference – Oct. 12, 2017 Attendees: Arno Fiedler (D-TRUST), Atsushi Inaba (GlobalSign), Ben Wilson (DigiCert), Christopher Kemmerer (SSL.com), Connie Enke (SwissSign), Curt Spann (Apple), Devon O’Brien (Google), Doug Beattie (GlobalSign), Frank Corday

Re: [cabfpub] No post of CABF minutes of Oct 12, 2017 Teleconference call

I’ve posted them now. https://cabforum.org/2017/10/12/2017-10-12-minutes/ Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 From: Public [mailto:public-boun...@cabforum.org] On Behalf Of realsky(CHT) via Public Sent:

Re: [cabfpub] Pre-Ballot 206 - Amendment to IPR Policy & Bylaws re Working Group Formation

or replace "Browsers" with "Application Software Suppliers" (which doesn't sound very well). Dimitris. On 11/1/2018 7:21 πμ, Ben Wilson via Public wrote: As a preface to tomorrow's discussion of the proposed Bylaw revisions, here is a synopsis of some of the propos

[cabfpub] CP Review Working Group's GitHub Branch -Pull Request #84

All, The Policy Review Working Group has just completed its review of the Baseline Requirements in an attempt to clarify use of the term "CA", which sometimes can be ambiguous. As you have been briefed several times, we chose the term "TSP" to refer to the legal entity that operates the CA,

[cabfpub] FW: Fond Farewell to Gerv Markham

Below I have forwarded Kathleen Wilson's message from the Mozilla Dev Security Policy list. It is with great sadness that we have learned the news of Gerv Markham's passing. I uploaded a few photos of Gerv from a few of our social events to the wiki - https://cabforum.org/wiki/Gerv As

[cabfpub] Final Minutes for CA/Browser Forum Teleconference – 9 August 2018

Final Minutes for CA/Browser Forum Teleconference - 9 August 2018 Attendees: Arno Fiedler (D-TRUST), Atsushi Inaba (GlobalSign), Ben Wilson (DigiCert), Corey Bonnell (Trustwave),Daymion Reynolds (GoDaddy), Dean Coclin (DigiCert), Devon O'Brien (Google), Dimitris Zacharopoulos (HARICA), Doug

[cabfpub] Final Minutes for Server Certificate Working Group Teleconference – 9 August 2018

Final Minutes for Server Certificate Working Group Teleconference - 9 August 2018 Attendees: 1. Roll Call. The roll call occurred on the previous Forum teleconference. 2. Read Antitrust Statement. Reading of the Antitrust Statement occurred on the previous Forum teleconference.

[cabfpub] CAB Forum Chair Candidate Statement

Hi. I'm Ben Wilson. Many of you know me, but for those who may not, I am DigiCert's VP of Compliance and have worked in PKI for approximately 20 years during which I have been an active participant in the work of the CA/Browser Forum (CAB Forum) and have held a variety of CABF leadership

[cabfpub] Ballot Forum-2 - Chair and Vice-Chair Term Extensions

Ballot Forum-2 - Chair and Vice-Chair Term Extensions Ben Wilson of DigiCert calls the following proposed ballot to be published for discussion and comment by the CABF membership. Dimitris Zacharopoulos of HARICA and Jos Purvis of Cisco have endorsed the proposed ballot. Explanation

Re: [cabfpub] [cabfman] Ballot Forum-3: Election of CA/Browser Forum Chair - ELECTION RESULTS

Congratulations, Dimitris! I look forward to supporting you in your new role. From: Public On Behalf Of Wanko, Clemens via Public Sent: Thursday, September 6, 2018 11:35 AM To: public@cabforum.org Subject: Re: [cabfpub] [cabfman] Ballot Forum-3: Election of CA/Browser Forum Chair - ELECTION

[cabfpub] Server Certificate Working Group List

If you are interested in following the work of the Server Certificate Working Group, you can subscribe here: https://cabforum.org/mailman/listinfo/servercert-wg If you subscribe, and after a while you notice that you are not receiving emails sent to

[cabfpub] Server Certificate WG Mailing List

If you have not subscribed to the Server Certificate WG Mailing List, please go here: https://cabforum.org/mailman/listinfo/servercert-wg Posting privileges will be granted to members, associate members, and interested parties who have signed the IPR Agreement and formally declared their

Re: [cabfpub] Forum Infrastructure Working Group: Initial Meeting and Declarations

Just a reminder – Jos, Ryan, Wayne, Moudrick and Dimitris have signed up so far on the wiki for the Infrastructure WG. Other takers? From: Public On Behalf Of Ben Wilson via Public Sent: Friday, August 31, 2018 12:00 PM To: Jos Purvis (jopurvis) ; CA/Browser Forum Public

Re: [cabfpub] Forum Infrastructure Working Group: Initial Meeting and Declarations

From: Public mailto:public-boun...@cabforum.org> > On Behalf Of Ben Wilson via Public Sent: Tuesday, September 11, 2018 9:00 AM To: CA/Browser Forum Public Discussion List mailto:public@cabforum.org> >; Jos Purvis (jopurvis) mailto:jopur...@cisco.com> > Subject: Re: [cabfpub] Fo

  1   2   >