Welcome to the CA/Browser Forum
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).
More information for about the forum and information for Site Owners, Developers, Auditors and Assessors, and Potential Members can be found in the About section of this website.
Recent posts
Ballot SC-73: Compromised and weak keys
June 7, 2024 by Iñigo BarreiraVoting Results Certificate Issuers 23 votes total, with no abstentions: 23 Issuers voting YES: Actalis, Certum (Asseco), CFCA, CommScope, D-TRUST, Disig, Entrust, Fastly, GDCA, GlobalSign, GoDaddy, HARICA, iTrusChina, JPRS, Let’s Encrypt / ISRG, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, TrustAsia, TWCA, VikingCloud 0 Issuers voting NO 0 Issuers ABSTAIN Certificate Consumers 1 votes total, with no abstentions: 1 Consumers voting YES: Mozilla 0 Consumers voting NO 0 Consumers ABSTAIN Bylaws Requirements Bylaw 2.
June 7, 2024 by Iñigo BarreiraVoting Results Certificate Issuers 23 votes total, with no abstentions: 23 Issuers voting YES: Actalis, Certum (Asseco), CFCA, CommScope, D-TRUST, Disig, Entrust, Fastly, GDCA, GlobalSign, GoDaddy, HARICA, iTrusChina, JPRS, Let’s Encrypt / ISRG, SECOM, Sectigo, SSL.com, SwissSign, Telia Company, TrustAsia, TWCA, VikingCloud 0 Issuers voting NO 0 Issuers ABSTAIN Certificate Consumers 1 votes total, with no abstentions: 1 Consumers voting YES: Mozilla 0 Consumers voting NO 0 Consumers ABSTAIN Bylaws Requirements Bylaw 2.
Ballot CSC-24 - Timestamping Private Key Protection
May 29, 2024 by Corey BonnellResults of Voting Yes No Abstain Certificate Issuers DigiCert, Entrust, Globalsign, HARICA, IdenTrust, Sectigo Certificate Consumers There were not enough Certificate Consumer votes to pass the ballot. Therefore, the ballot FAILS. Purpose of the Ballot This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.7 in order to clarify language regarding Timestamp Authority Private Key Protection. The main goals of this ballot are to:
May 29, 2024 by Corey BonnellResults of Voting Yes No Abstain Certificate Issuers DigiCert, Entrust, Globalsign, HARICA, IdenTrust, Sectigo Certificate Consumers There were not enough Certificate Consumer votes to pass the ballot. Therefore, the ballot FAILS. Purpose of the Ballot This ballot updates the “Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates“ version 3.7 in order to clarify language regarding Timestamp Authority Private Key Protection. The main goals of this ballot are to:
Ballot SMC07: Align Logging Requirement and Key Escrow clarification
May 24, 2024 by Stephen DavidsonBallot SMC07: Align Logging Requirement and Key Escrow clarification Summary: This ballot aims to clarify what data needs to be logged as part of the “Firewall and router activities” logging requirement in the S/MIME Baseline Requirements and align with a recent update within the TLS BRs. This ballot additionally aims to clarify that maximum certificate validity periods do not affect maximum key escrow duration periods. This ballot is proposed by Martijn Katerbarg (Sectigo) and endorsed by Stephen Davidson (DigiCert) and Tom Zermeno (SSL.
More posts of the CA/Browser ForumMay 24, 2024 by Stephen DavidsonBallot SMC07: Align Logging Requirement and Key Escrow clarification Summary: This ballot aims to clarify what data needs to be logged as part of the “Firewall and router activities” logging requirement in the S/MIME Baseline Requirements and align with a recent update within the TLS BRs. This ballot additionally aims to clarify that maximum certificate validity periods do not affect maximum key escrow duration periods. This ballot is proposed by Martijn Katerbarg (Sectigo) and endorsed by Stephen Davidson (DigiCert) and Tom Zermeno (SSL.