[cabfpub] Draft Charter for Server Certificate Working Group

Peter Bowen pzb at amzn.com
Wed Oct 25 14:26:15 UTC 2017



> On Oct 24, 2017, at 11:06 AM, Ben Wilson via Public <public at cabforum.org> wrote:
> Members eligible to participate:  The Working Group shall consist of two classes of voting members, the CA Class and the Browser Class.  The CA Class shall consist of eligible Issuing CAs and Root CAs meeting the following criteria:  
> 
>  
> 
> (1)         Issuing CA: The member organization operates a certification authority that has a current and successful WebTrust for CAs audit, or ETSI TS 102042, ETSI 101456, or ETSI EN 319 411-1 audit report prepared by a properly-qualified auditor, and that actively issues certificates to Web servers that are openly accessible from the Internet, such certificates being treated as valid when using a browser created by a Browser member.  Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum.
> 
>  
> 
> (2)          Root CA: The member organization operates a certification authority that has a current and successful WebTrust for CAs, or ETSI TS 102042, ETSI TS 101456, ETSI EN 319 411-1 audit report prepared by a properly-qualified auditor, and that actively issues certificates to subordinate CAs that, in turn, actively issue certificates to Web servers that are openly accessible from the Internet, such certificates being treated as valid when using a browser created by a Browser member.  Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum.
> 
>  
> 
> A Non-CA member eligible to participate in the Browser Class is an organization that produces a software product intended for use by the general public for browsing the Web securely.
> 
>  
> 
> The Working Group shall include Interested Parties and Associate Members as defined in the Bylaws. 
> 

Shouldn’t organizations that meet the Issuing CA or Root CA criteria that also produce a software product intended for use by the general public for browsing the Web securely have the option of whether to participate as a CA Class or Browser Class member?  Otherwise I think we will be down to Mozilla and Opera as Browser Class members.

Thanks,
Peter

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171025/d4226537/attachment-0003.html>


More information about the Public mailing list