Welcome to the CA/Browser Forum
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).
More information for about the forum and information for Site Owners, Developers, Auditors and Assessors, and Potential Members can be found in the About section of this website.
Recent posts
Ballot CSC-24 - Timestamping Private Key Protection
May 29, 2024 by Corey BonnellResults of Voting Yes No Abstain Certificate Issuers DigiCert, Entrust, Globalsign, HARICA, IdenTrust, Sectigo Certificate Consumers There were not enough Certificate Consumer votes to pass the ballot. Therefore, the ballot FAILS. Purpose of the Ballot This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.7 in order to clarify language regarding Timestamp Authority Private Key Protection. The main goals of this ballot are to:
May 29, 2024 by Corey BonnellResults of Voting Yes No Abstain Certificate Issuers DigiCert, Entrust, Globalsign, HARICA, IdenTrust, Sectigo Certificate Consumers There were not enough Certificate Consumer votes to pass the ballot. Therefore, the ballot FAILS. Purpose of the Ballot This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.7 in order to clarify language regarding Timestamp Authority Private Key Protection. The main goals of this ballot are to:
Ballot SMC07: Align Logging Requirement and Key Escrow clarification
May 24, 2024 by Stephen DavidsonBallot SMC07: Align Logging Requirement and Key Escrow clarification Summary: This ballot aims to clarify what data needs to be logged as part of the “Firewall and router activities” logging requirement in the S/MIME Baseline Requirements and align with a recent update within the TLS BRs. This ballot additionally aims to clarify that maximum certificate validity periods do not affect maximum key escrow duration periods. This ballot is proposed by Martijn Katerbarg (Sectigo) and endorsed by Stephen Davidson (DigiCert) and Tom Zermeno (SSL.
May 24, 2024 by Stephen DavidsonBallot SMC07: Align Logging Requirement and Key Escrow clarification Summary: This ballot aims to clarify what data needs to be logged as part of the “Firewall and router activities” logging requirement in the S/MIME Baseline Requirements and align with a recent update within the TLS BRs. This ballot additionally aims to clarify that maximum certificate validity periods do not affect maximum key escrow duration periods. This ballot is proposed by Martijn Katerbarg (Sectigo) and endorsed by Stephen Davidson (DigiCert) and Tom Zermeno (SSL.
2024-05-09 Minutes of the Server Certificate Working Group
May 9, 2024 by Iñigo BarreiraAttendance Aaron Gable - (Let’s Encrypt), Abhishek Bhat - (eMudhra), Adam Jones - (Microsoft), Adriano Santoni - (Actalis S.p.A.), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Brittany Randall - (GoDaddy), Bruce Morton - (Entrust), Chad Dandar - (Cisco Systems), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), Dimitris Zacharopoulos - (HARICA), Dong Wha Shin - (MOIS (Ministry of Interior and Safety) of the republic of Korea), Doug Beattie - (GlobalSign), Enrico Entschew - (D-TRUST), Georgy Sebastian - (Amazon), Gregory Tomko - (GlobalSign), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Jaime Hablutzel - (OISTE Foundation), Johnny Reading - (GoDaddy), Jos Purvis - (Fastly), Keshava Nagaraju - (eMudhra), Kiran Tummala - (Microsoft), Luis Cervantes - (GoDaddy), Mads Henriksveen - (Buypass AS), Marco Schambach - (IdenTrust), Michelle Coon - (OATI), Miguel Sanchez - (Google), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Naveen Kumar - (eMudhra), Nicol So - (CommScope), Nome Huang - (TrustAsia), Rebecca Kelly - (SSL.
More posts of the CA/Browser ForumMay 9, 2024 by Iñigo BarreiraAttendance Aaron Gable - (Let’s Encrypt), Abhishek Bhat - (eMudhra), Adam Jones - (Microsoft), Adriano Santoni - (Actalis S.p.A.), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Brittany Randall - (GoDaddy), Bruce Morton - (Entrust), Chad Dandar - (Cisco Systems), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), Dimitris Zacharopoulos - (HARICA), Dong Wha Shin - (MOIS (Ministry of Interior and Safety) of the republic of Korea), Doug Beattie - (GlobalSign), Enrico Entschew - (D-TRUST), Georgy Sebastian - (Amazon), Gregory Tomko - (GlobalSign), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Jaime Hablutzel - (OISTE Foundation), Johnny Reading - (GoDaddy), Jos Purvis - (Fastly), Keshava Nagaraju - (eMudhra), Kiran Tummala - (Microsoft), Luis Cervantes - (GoDaddy), Mads Henriksveen - (Buypass AS), Marco Schambach - (IdenTrust), Michelle Coon - (OATI), Miguel Sanchez - (Google), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Naveen Kumar - (eMudhra), Nicol So - (CommScope), Nome Huang - (TrustAsia), Rebecca Kelly - (SSL.