Re: [cabfpub] Code Signing Working Group - Call for Participants

I would like to participate in this working group. Thank you, Burton On Tue, Mar 12, 2019 at 4:46 PM Dean Coclin via Public wrote: > In accordance with the CA/B Forum Bylaws and the Charter of said working > group, the Interim Chair announces a call for Participants interested in > joining

[cabfpub] Resignation

Dear Chair/Vice-Chair, Thank you for this opportunity to work with you and others on this forum to improve the landscape of PKI, CA and everything else in-between. Please accept this email as notice of my resignation as an interested party of the CA/Browser Forum. This notice period is effective

[cabfpub] Skeleton in the closet and the Forum

Without full transparency, the appearance of the skeleton in the closet is closer than ever. That is the forums right now. The lack of transparency in regards to certain proceedings leaves a void of why. Why has certain things happened? What was the thinking behind this? So on and so forth. The

Re: [cabfpub] [Servercert-wg] Ballot FORUM-4 v3

I haven't got any influence in these proceedings at all but I feel that maybe the forum could use another platform for ballots. On Fri, Sep 14, 2018 at 7:50 PM Tim Hollebeek via Servercert-wg < servercert...@cabforum.org> wrote: > > > As no additional typos or mistakes appear to have been found

[cabfpub] Recording of meetings

Recording of certain meetings such as VWG should be available without request to the interested parties and public for scrutiny, etc. Also in the next F2F, it would be great if the VWG was streamed live on YouTube. James ___ Public mailing list

Re: [cabfpub] EXTERNAL: CAB Forum Countdown to IPR Agreement deadline

Hi Carl, I just signed the IPR Agreement here: https://cabforum.org/wp-content/uploads/CAB-Forum-Agreement-for-IPR-Policy_20FEB18.pdf and sent the document to Ben and Kirk email. Thank you James Burton On Wed, Apr 18, 2018 at 11:10 PM, Mehner, Carl via Public < public@cabforum.org> wrote: >

[cabfpub] Obtaining EV Cert for phishing and Companies House

Companies House has successfully prosecuted a company director for falsifying information on the register: https://www.gov.uk/government/news/uks-first-ever-successful-prosecution-for-false-company-information . James Burton ___ Public mailing list

Re: [cabfpub] Current list of OIDs for DV/OV/EV

Hi Eric, You can also obtain the current EV OIDs in used by CAs from Mozilla and Chromium EV list. Mozilla: https://dxr.mozilla.org/mozilla-central/source/security/certverifier/ExtendedValidation.cpp Chromium:

[cabfpub] VWG Meeting

I have been researching and looking into a new concept validation transparency system. This concept system will run coincide with CT and greatly enhance transparency in this ecosystem. If you can allocate me about 15 minutes of time at the start of the VWG meeting to explain this concept that

Re: [cabfpub] Attendance of Interested Parties at Working Group meetings

essage- From: Public [mailto:public-boun...@cabforum.org] On Behalf Of James Burton via Public Sent: Saturday, February 3, 2018 8:50 AM To: 'Gervase Markham' <g...@mozilla.org>; 'CA/Browser Forum Public Discussion List' <public@cabforum.org>; 'Kirk Hall' <kirk.h...@entrustdatacard

Re: [cabfpub] Attendance of Interested Parties at Working Group meetings

How many interested parties are there currently on this forum? -Original Message- From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham via Public Sent: 03 February 2018 13:29 To: Kirk Hall ; CA/Browser Forum Public Discussion

Re: [cabfpub] Allocating Time for Review of All Domain Validation Methods at F2F Meeting

The VWG is a closed group and it is hard to engage properly when you don't know what's going on. I feel that the VWG should spend more time getting opinions from people such as myself whether by Phone, Skype, F2F or etc. It will bring new ideas to the table which might not have been thought of

Re: [cabfpub] Allocating Time for Review of All Domain Validation Methods at F2F Meeting

That's an excellent idea. I would like to spend some time in discussing extended validation vetting. I feel that extended validated is not vetted to enough to acceptable standards. James On Fri, Feb 2, 2018 at 7:21 PM, Wayne Thayer via Public wrote: > Gerv and I, with

[cabfpub] Critical Vulnerability Scenario

I know every CA already has a disaster plan in place to maintain certain level of continuity in case of failure, weather and etc. But is there a global contingency plan in place if a critical vulnerability was found in one of the key systems which required immediate change over to a different

Re: [cabfpub] Restrict certificate lifetime to domain registration period (if certificate expiry date is greater than domain registration)

> > Subject: Re: [cabfpub] Restrict certificate lifetime to domain > registration period > > (if certificate expiry date is greater than domain registration) > > > > On 12/01/18 12:54, James Burton via Public wrote: > > > CAs could introduce a monthly certifica

Re: [cabfpub] Restrict certificate lifetime to domain registration period (if certificate expiry date is greater than domain registration)

CAs could introduce a monthly certificate pricing with a minimal start term of 3 months and you only pay for the months you need. On Fri, Jan 12, 2018 at 12:36 PM, Matthias Merkel wrote: > One thing you should consider though is that a lot of people only renew > their

Re: [cabfpub] Restrict certificate lifetime to domain registration period (if certificate expiry date is greater than domain registration)

I will compile a spreadsheet of whois availability of all TLDs listed here: https://www.iana.org/domains/root/db and get back to you with the results. On Fri, Jan 12, 2018 at 8:05 AM, Ryan Sleevi wrote: > > > On Thu, Jan 11, 2018 at 7:52 PM, James Burton

Re: [cabfpub] Restrict certificate lifetime to domain registration period (if certificate expiry date is greater than domain registration)

se, it must be possible to determine > the domain registration period. How do you propose to do that consistently > for all domains? (It's not actually available consistently). > > On Thu, Jan 11, 2018 at 5:56 PM, James Burton via Public < > public@cabforum.org> wrote: > >&

[cabfpub] Restrict certificate lifetime to domain registration period (if certificate expiry date is greater than domain registration)

Shouldn't we start restricting the certificate lifetime to domain registration period if the certificate expiry date is greater than domain registration period? ___ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] Obtaining an EV cert for phishing

hed pdf. This study will be updated with additional data soon. If > you are interested in other information about the value of website identity > on the internet, there are resources here: > > https://casecurity.org/identity/website-identity-documents/ > > > > *From:* Public [

Re: [cabfpub] Obtaining an EV cert for phishing

This company was incorporated as a limited company by guarantee with exemption from using the word limited at the end. This type of company differs from a normal share company and cannot be incorporated through the official Companies House site. You can learn more here: