CA/Browser Forum

The Certification Authority Browser Forum, also known as the CA/Browser Forum, is a voluntary consortium of certification authorities, vendors of Internet browser and secure email software, operating systems, and other PKI-enabled applications that promulgates industry guidelines governing the issuance and management of X.509 v.3 digital certificates that chain to a trust anchor embedded in such applications. Its guidelines cover certificates used for the SSL/TLS protocol and code signing, as well as system and network security of certificate authorities. The consortium includes 54 certificate issuers, 11 certificate consumer vendors, and industry standards and audit bodies including the European Accredited Conformity Assessment Bodies’ Council (ACAB’C), the WebTrust Task Force, and the European Telecommunications Standards Institute (ETSI).


Working groups

The CA/Browser Forum has these working groups:
* Server Certificate Working Group, which has subcommittees for Validation and Network Security and maintains the following standards:
** "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates" (for SSL/TLS)
** "Guidelines For The Issuance And Management Of Extended Validation (EV) Certificates" (for SSL/TLS)
** "Network and Certificate System Security Requirements"
* Code Signing Working Group, which maintains:
** "Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates"
* S/MIME Certificate Working Group, which is developing:
** "Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates"


History

In 2005, Melih Abdulhayoglu of the Comodo Group organized the first meeting of the CA/Browser Forum. The first meeting was held in New York City. This was followed by a meeting in November 2005 in Kanata, Ontario, and a meeting in December 2005 in Scottsdale, Arizona, with the main objective to enable secure connections between users and websites. In addition to CA/Browser Forum members, representatives of the Information Security Committee of the American Bar Association Section of Science & Technology Law and the Canadian Institute of Chartered Accountants participated in developing the standards for issuing and managing Extended Validation SSL/TLS certificates. Version 1.0 of the EV Guidelines was adopted on 7 June 2007.

In November 2011, the CA/Browser Forum adopted version 1.0 of the "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates", intended to provide minimum security standards for all browser-trusted SSL/TLS certificates. Subsequent versions expanded the Baseline Requirements to directly incorporate requirements from browser root store policy programs such as those of Mozilla and Microsoft. In January 2013, the CA/Browser Forum's first "Network and Certificate System Security Requirements" took effect, defining best practices for the general protection of CA networks and supporting systems.

In February 2013, a new industry group, the Certificate Authority Security Council (CASC), was formed with a mission that includes promoting CA/Browser Forum standards. Membership requires adherence to CA/Browser Forum standards. The CASC's founding members consisted of Comodo CA (now Sectigo), Symantec (now DigiCert), Trend Micro (now Entrust), DigiCert, Entrust, GlobalSign and GoDaddy.

In August 2020, the S/MIME Certificate Working Group (CA/Browser Forum S/MIME Certificate Working Group, https://cabforum.org/working-groups/smime-certificate-wg/) was chartered to create a baseline requirement applicable to CAs that issue S/MIME certificates used to sign, verify, encrypt, and decrypt email. In September 2020, the CA/Browser Forum adopted version 2.0 of the "Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates", which had previously been maintained outside the group.

