Date post: | 27-Jul-2015 |
Category: |
Technology |
Upload: | cascouncil |
View: | 109 times |
Download: | 0 times |
(C) GMO GlobalSign K.K. All Rights Reserved.
CA/Browser Forum
June 9, 2015
Atsushi [email protected]
To effect positive changes to improve Internet security
2
Agenda
1. CA/Browser Forum - Members
- Activities and Objectives
2. CA/Browser Forum Baseline Requirements - Guidelines produced by the forum
- Issuance of publicly-trusted certificate
3. Information for people interested in the forum - Membership - CA/Browser Forum Website
4
Members
(Bermuda), QuoVadis
(China),
Shanghai Electronic CA Center
WoSign (CzechPrvni certifikacni autorita
(Estonia),AS Sertifitseerimiskeskus
(France),
Certinomis
OpenTrust (Germany),D-TRUST (Israel),StartCom
Republic),
Actalis(Italy), (Japan),GlobalSign TrustSystems
(Lithuania),SSC
SECOM
Digidentity
ESG de Electronische Signatuur BV(Netherlands),
・ CAs <Go to the next page>
(China),
(France),
(Japan),
(Netherlands),
5
Members
・ CAs <Go to the next page>
(Netherlands),Logius (Norway),Buypass
Certum
(Spain),ANF Camerfirma Firmaprofesional
Izenpe
(Poland), (Slovakia),Disig(Romania),certSIGN
(Switzerland),Swisscom SwissSign
E-TUGRA TURK (Turkey),
Kamu Sertifikasyon Merkezi
TRUST
Trustis(UK),
KPN(Netherlands),
(Spain), (Spain),
(Spain), (Switzerland),
Chunghwa (Taiwan),TAIWAN-CATelecom(Taiwan),
(Turkey),
(Turkey),
6
Members
Network Solutions OATISymantec Corporation Trend Micro
・ CAs
・ Internet Browser Software VendorsApple,Google,Microsoft, Opera,Mozilla, Qihoo 360
・ Associate Members
ETSI,WebTrust,PayPal, US Federal PKI, tScheme,ICANN
Comodo DigiCert Entrust GoDaddy(USA),(USA), (USA),(USA),
(USA), (USA),
(USA), (USA),
Trustwave Wells Fargo BankVisa (USA)(USA), (USA),
7
Activities & Objectives
The Forum communicates through a variety of means,
- Email lists
- Web sites
- Telephone calls
- Face-to-face meetings
8
Activities & Objectives
・ The Forum is an unincorporated association of separate organizations.
・ The CA/Browser Forum advances industry best practices to improve the ways that certificates are used to the benefit of Internet users and the security of their communications.
2. CA/Browser Forum Baseline Requirements - Guidelines produced by the forum
- Issuance of publicly-trusted certificate
10
Guidelines produced by the forum
・ Baseline Requirements (2011- )
・ EV SSL Certificate Guidelines (2007- )
・ Network Security Requirements (2012- )
・ EV Code Signing Certificate Guidelines (2012- )
11
Issuance of publicly-trusted certificate
・ Because Browsers define the necessary conditions for authorizing CA with including requirements to obtain a audit (WebTrust or ETSI) and to conform to the CA/Browser Forum Guidelines.
・ CAs must adhere the CA/Browser Forum Guidelines to become the CA which is authorized by Browsers and can issue publicly-trusted certificate.
12
Issuance of publicly-trusted certificate
・ WebTrust for Certification Authorities
・ ETSI Technical Specification 102 042
- Integrated by AICPA and CICA. CA/Browser Forum Baseline Requirements have been included recently.
- Integrated by ETSI. CA/Browser Forum Baseline Requirements have been included recently.
AICPA : American Institute of Certified Public Accountants CICA : Canadian Institute of Chartered AccountantsETSI : European Telecommunications Standards Institute
14
Membership
・ The Forum is a voluntary group open to all CAs worldwide that issue publicly-trusted SSL certificates and all browsers and applications that produce a software product intended for use by the general public for browsing the Web securely.
・ Governed by CA/Browser Forum Bylaws.
・ Participants must agree to CA/Browser Forum’s Intellectual Property Rights Policy.