www.archive-org-2013.com » ORG » C » CABFORUM

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".

    Archived pages: 23 . Archive date: 2013-10.

  • Title: The Certification Authority/Browser Forum
    Descriptive info: .. Documents.. Contact CA/B Forum.. Home.. CA/Browser Forum.. EV SSL Certificates.. Objectives.. Vetting Process.. Certificate Contents.. FAQ.. 30 August 2013.. CA/B Forum welcomes new members.. Since May 2013, five new Certificate Authorities have joined the CA/Browser Forum.. We welcome the following global companies:.. AS Sertifitseerimiskeskus.. Disig, a.. s.. Firmaprofesional.. Prvni certifikacni autorita, a.. WoSign.. Each new member has met the CA/B Forum requirements in issuing publicly trusted SSL certificates, undergoing a 3rd party audit, and has signed the Intellectual Property Rights (IPR) policy.. The new members represent geographically diverse Certificate Authorities from Estonia, Slovakia, Spain, Czech Republic and China.. We look forward to enhancing the overall knowledge base of the CA/B Forum with these additional members.. This brings the total membership to 45 Certificate Authorities and Browsers.. 22 April 2013.. Announcing the formation of the Code Signing Working Group - Call for Participants.. The CA/Browser Forum has chartered a Code Signing Working Group, the purpose of which is to come up with Baseline Requirements to reduce the incidences of signed malware.. The CA/Browser Forum would like to invite interested third parties to participate.. The working group meets bi-weekly by phone and had its first face to face meeting in Munich on June 13th coinciding with the regular CA/Browser Forum meeting.. Interested parties will need to:.. Review the Intellectual Property Rights policy (.. https://cabforum.. org/IPR_Policy_V1.. pdf.. ) and complete the IPR agreement which can be found here:.. org/IPR_Agreement_V1.. Send an email to questions@cabforum.. org with your name, organization (if applicable), contact details and the signed agreement with the subject: Code Signing Working Group Participation.. Once the Chair determines all is in order, you will be added to the mailing list and invited to the conference calls.. As the title of this group states, this is a Working Group, meaning everyone is expected to contribute in some fashion.. Please do not apply if you can't devote time to attend and participate in the discussion.. 4 February 2013.. Guidance on the Deprecation of Internal Server Names and Reserved IP Addresses.. This document explains the changes to Certification Authority support for internal server names and reserved IP dddresses and the reasons behind the new rules that were introduced in the Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates, Version 1.. 0 that took effect effect on July 1, 2012:.. 17 January 2013.. CA/Browser Forum adopts Bylaws.. In late November, the CA/Browser Forum adopted its first formal.. bylaws.. that document and update the forum's rules of governance, including rules for public participation in the forum's activities.. 9 August 2012.. CA/Browser Forum adopts Intellectual Property Rights (IPR) policy.. In order to protect the Intellectual Property of its members, the CA/Browser forum has adopted an.. IPR policy.. which has been signed by over 30 companies including the biggest names in the technology industry.. The complete list of current members is here:.. http://www.. cabforum.. org/forum.. html.. The policy can be found on the documents page:.. org/documents.. 2 August 2012.. Forum Discussions are Now Public.. The CA/Browser Forum has created a public mailing list, intended to be used for normal CA/Browser Forum discussions, which can be read (but not posted to) by interested parties.. Visit the list's.. web page to sign up.. 5 July 2012.. Governance Proposals Published, Advancing Toward Adoption.. During last week's meeting in Norway, the CA/Browser Forum agreed to advance four governance proposal through a voting process that will result in the decision to keep the current structire in place, or to adopt one of the four new proposals.. The proposals are published here for public review and comment:.. DigiCert.. Microsoft.. PayPal.. Trend Micro.. Please send comments to.. public@cabforum.. org.. Please note that this is a moderated mailing  ...   individuals on these topics.. We encourage stakeholders to submit their comments to.. questions@cabforum.. now through March 30, 2012.. All submissions will be posted publicly on the CA/Browser Forum website.. (www.. org).. 14 December 2011.. CA/Browser Forum Approves Baseline Requirements for SSL/TLS Certificates.. First industry-wide standard for the issuance and management of SSL/TLS digital certificates.. DOWNLOAD THE DOCUMENT.. The CA/Browser Forum has released the "Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates," the first international baseline standard for the operation of Certification Authorities (CAs) issuing SSL/TLS digital certificates natively trusted in browser software.. SSL/TLS digital certificates are used to authenticate the ownership of websites and other online resources, as well as to encrypt information for privacy as it crosses the Internet and other networks.. "SSL/TLS certificates are a critical part of the Internet's security infrastructure, combining proven technical standards with the capability to scale to handle millions of websites and the wide array of user software," said Tim Moses, Chairman of the CA/Browser Forum.. "The new Baseline Requirements will improve the reliability and accountability of SSL/TLS issuance for relying parties by establishing baseline standards for all types of SSL/TLS certificates from all publicly-trusted CAs.. ".. The Baseline Requirements draw upon best practices from across the SSL/TLS sector to provide clear standards for CAs on important subjects including verification of identity, certificate content and profiles, CA security, revocation mechanisms, use of algorithms and key sizes, audit requirements, liability, privacy and confidentiality, and delegation (including external sub-CAs and registration authorities).. The Baseline Requirements become effective on July 1, 2012 allowing CAs time to bring their SSL/TLS policies and practices into compliance with the standard.. The CA/B Forum intends to continue development of the Baseline Requirements to address the evolving risks and threats involving the issuance or use of SSL/TLS certificates.. The CA/Browser Forum was formed in 2006 and previously created the "Extended Validation" (EV) standard for SSL/TLS.. EV was designed for banks and other high profile websites providing enhanced confirmation of the legitimacy of a website and the identity of its owner, consistent across all EV-issuing CAs.. "With the Baseline Requirements, for the first time we will have a consistent international standard for the issuance of all SSL/TLS, including the many variations of Domain Validation and Organisation Validation," said Eddy Nigg of the StartCom CA.. "This has been a multiyear effort involving more than 50 organisations including the major browser suppliers and CAs from around the world, as well as representatives from the Internet standards and audit/legal community along with major relying parties that use SSL/TLS.. Certification Authority members of the CA/Browser Forum range from the large multinational CAs to smaller issuers focused on geographic regions or specific industries.. Major CAs have already voiced their commitment to implement the Baseline Requirements targeting the 2012 effective date.. These include CA/Browser Forum members Symantec, Go Daddy, Comodo, GlobalSign, DigiCert, Entrust, StartCom, TrustWave, QuoVadis, Certum, T-Systems, Izenpe, and BuyPass representing more than 94% of all valid public SSL/TLS according to the independent Netcraft survey.. The CA/Browser Forum has requested that internet browsers and operating systems adopt the Baseline Requirements among their conditions to distribute CA root certificates in their software.. According to Kathleen Wilson of Mozilla, "Four years ago the CA/Browser Forum released the Extended Validation guidelines that established consistent standards for identity validation.. The Baseline Requirements provide a foundation for best practices across the industry by defining a single, consolidated set of essential standards for all SSL/TLS certificates for the first time.. The CA/B Forum has also requested that the major audit regimes used by CAs, WebTrust and ETSI, develop audit criteria to assess compliance with the Baseline Requirements.. Contact CA/B Forum.. Copyright 2006-2013 All rights reserved..

    Original link path: /
    Open archive

  • Title: CA/Browser Forum - Certificate Contents
    Descriptive info: Press Releases.. Letter to ICANN regarding the proposed delegation of.. corp as a gTLD.. Public Comment Release of "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates".. CA/Browser Forum Statement on the Electronic Frontier Foundation's SSL Observatory.. Baseline Requirements.. Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates Version 1.. 1.. 6.. (effective 29 July, 2013).. Redline version.. EV SSL Certificate Guidelines.. EV SSL Certificate Guidelines Version 1.. 4.. 3.. (effective July 9, 2013).. Prior Versions.. 5.. (effective 31 May, 2013).. (effective 3 May, 2013).. (effective 21 February, 2013).. (effective 14 September, 2012).. 0.. (adopted on 22 Nov.. 2011 with an Effective Date of 1 July 2012).. Errata.. (effective May  ...   SSL Certificate Guidelines Draft 11.. (valid through June 11, 2007).. EV Code Signing Certificate Guidelines.. EV Code Signing Certificate Guidelines Version 1.. (effective May 29, 2012).. Network Security Controls.. Network and Certificate System Security Requirements.. (adopted on 3 August 2012 with an Effective Date of 1 January 2013).. WebTrust Audit Guidelines.. Web Trust Audit Guidelines.. (effective September 30, 2007).. Draft Web Trust Audit Guidelines.. (valid thru September 29, 2007).. ETSI Standards.. TS 102 042 v2.. (Policy requirements for certification authorities issuing public key certificates).. Bylaws.. CA/Browser Forum Bylaws.. (effective November 23, 2012).. Intellectual Property Rights (IPR) Policy.. IPR Policy that applies to all CA/Browser Forum members.. (effective August 1, 2012).. IPR Policy Agreement..

    Original link path: /documents.html
    Open archive

  • Title: CA/Browser Forum - About the Forum
    Descriptive info: About the Certification Authority/Browser Forum.. The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary organization of leading certification authorities (CAs) and vendors of Internet browser software and other applications.. Members of the CA/Browser Forum have worked closely together in defining the guidelines and means of implementation for the Extended Validation (EV) SSL Certificate standard as a way of providing a heightened security for Internet transactions and creating a more intuitive method of displaying secure sites to Internet users.. As of May 2013 the CA/Browser Forum includes the following members:.. Certification Authorities.. Buypass AS.. Certum.. Chunghwa Telecom Co.. , Ltd.. Comodo CA Ltd.. D-TRUST GmbH.. DanID A/S.. DigiCert, Inc.. Digidentity.. E-TUGRA Inc.. GlobalSign.. GoDaddy.. com, LLC.. Izenpe S.. A.. Japan Certification Services, Inc.. Kamu Sertifikasyon Merkezi.. KEYNECTIS.. KPN Corporate Market BV.. Logius PKIoverheid.. Network Solutions, LLC.. QuoVadis Ltd.. SECOM Trust Systems CO.. Skaitmeninio sertifikavimo centras (SSC).. StartCom Certification Authority.. Swisscom (Switzerland) Ltd.. SwissSign AG.. TURKTRUST.. Symantec Corporation.. Trend Micro Inc.. Trustwave.. Trustis Limited.. TAIWAN-CA  ...   for Extended Validation SSL certificate procedures and standards.. CA/Browser Forum Membership Requirements.. CA/Browser Forum members shall meet at least one of the following criteria.. Issuing CA:- The member organization operates a certification authority that has a current and successful WebTrust for CAs audit, or ETSI 102042 or ETSI 101456 audit report prepared by a properly-qualified auditor, and that actively issues certificates to Web servers that are openly accessible from the Internet using any one of the mainstream browsers.. Root CA:- The member organization operates a certification authority that has a current and successful WebTrust for CAs, or ETSI 102042 or ETSI 101456 audit report prepared by a properly-qualified auditor, and that actively issues certificates to subordinate CAs that, in turn, actively issue certificates to Web servers that are openly accessible from the Internet using any one of the mainstream browsers.. Browser:- The member organization produces a software product intended for use by the general public for browsing the Web securely.. Copyright 2006-2012 All rights reserved..

    Original link path: /forum.html
    Open archive

  • Title: CA/Browser Forum - EV SSL Certificates
    Descriptive info: About EV SSL Certificates.. The Extended Validation (EV) SSL Certificate standard is intended to provide an improved level of authentication of entities that request digital certificates for securing transactions on their Web sites.. Internet browsers display EV SSL-secured Web sites in a way that allows visitors to instantly ascertain that a given site is indeed secure and can be trusted.. A new vetting format, which all issuing Certification Authorities (CAs) must comply with, ensures a uniform standard for certificate issuance.. This means that all CAs must adhere to the same high security standards when processing certificate requests.. Consequently, visitors to EV SSL-secured Web sites can trust that the organization that operates the site has undergone and passed the rigorous  ...   users to instantly distinguish EV SSL-secured Web sites, current versions of the Internet's leading browsers display EV SSL certificates differently than the standard "padlock" method used for other types of SSL certificates.. See below for examples of how the Internet Explorer and Opera browsers display EV SSL certificates.. Apple's Safari, Google's Chrome, and Mozilla's Firefox browsers also distinguish EV SSL certificates.. EV SSL certificates are particularly useful for companies whose Internet domains are considered at a high risk of being targeted by phishing schemes and other types of Internet fraud.. High-risk domains include domains owned by high-profile online financial services, banking sites, auction sites, popular retailers and other sites that conduct Internet transactions likely to be targeted by Internet fraud..

    Original link path: /certificates.html
    Open archive

  • Title: CA/Browser Forum - Objectives
    Descriptive info: EV SSL Certificate Objectives.. Per the guidelines set forth by the CA/Browser Forum, Extended Validation (EV) SSL Certificates will serve the following purposes:.. Enable Secure Connections.. Like "standard" SSL certificates, which rely on authentication of requesting organization's identity and/or domain control, EV SSL certificates enable secure encrypted communication between a Web site and a site visitor's browser by facilitating the exchange of encryption keys.. Establish Online Businesses Identity.. EV SSL Certificates establish online businesses identity by confirming the certificate holder's legal  ...   of a Web site, EV Certificates may help to:.. Make it more difficult to mount phishing schemes and other online identity fraud attacks using SSL certificates;.. Assist companies that may be the target of phishing attacks or online identity fraud by providing them with a tool to better identify themselves and their legitimate Web sites to users;.. Assist law enforcement in investigations of phishing and other online identity fraud, including where appropriate, contacting, investigating, or taking legal action against the perpetrator..

    Original link path: /objectives.html
    Open archive

  • Title: CA/Browser Forum - Vetting Process
    Descriptive info: Overview of the Extended Validation SSL Certificate Vetting Process.. Per the guidelines defined by the CA/Browser Forum, Certification Authorities CAs may issue Extended Validation EV SSL Certificates to Private Organizations, Government Entities, and Business Entities that satisfy the requirements specified below:.. Private Organizations.. The CA may issue EV Certificates to Private Organizations that meet the following requirements:.. The Private Organization must be a legally recognized entity whose existence was created by a filing with or an act of the Incorporating or Registration Agency in its Jurisdiction of Incorporation or Registration e.. g.. , by issuance of a certificate of incorporation or is an entity that is chartered by a state or federal regulatory agency;.. The Private Organization must have designated with the Incorporating or Registration Agency either a Registered Agent, or a Registered Office as required under the laws of the Jurisdiction of Incorporation or Registration or an equivalent facility;.. The Private Organization must not be designated on the records of the Incorporating or Registration Agency by labels such as "inactive," "invalid," "not current," or the equivalent;.. The Private organization must have a verifiable physical existence and business presence;.. The Private Organization's Jurisdiction of Incorporation, Registration, Charter, or License, and/or its Place of Business must not be in any country where the CA is prohibited from doing business or issuing a  ...   list or prohibited list e.. Business Entities.. The CA may issue EV Certificates to Business Entities that do not qualify under the criteria listed for Private Organizations above but that do satisfy the following requirements:.. The Business Entity must be a legally recognized entity whose formation included the filing of certain forms with the Registration Agency in its Jurisdiction, the issuance or approval by such Registration Agency of a charter, certificate, or license, and whose existence can be verified with that Registration Agency;.. The Business Entity must have a verifiable physical existence and business presence;.. At least one Principal Individual associated with the Business Entity must be identified and validated;.. The identified Principal Individual must attest to the representations made in the Subscriber Agreement;.. Where the Business Entity represents itself under an assumed name, the CA must verify the Business Entity's use of the assumed name pursuant to the requirements of Section 15 herein;.. The Business Entity and the identified Principal Individual associated with the Business Entity must not be located or residing in any country where the CA is prohibited from doing business or issuing a certificate by the laws of the CA's jurisdiction;.. The Business Entity and the identified Principal Individual associated with the Business Entity must not be listed on any government denial list or prohibited list e..

    Original link path: /vetting.html
    Open archive

  • Title: CA/Browser Forum - Certificate Contents
    Descriptive info: The EV SSL Certificate and its Contents.. Extended Validation (EV) SSL Certificates will contain the following required fields:.. Organization name.. - This field must contain the Subject's (i.. e.. , certificate holding entity's) full legal organization name as listed in the official records of the Incorporating Agency in the Subject's Jurisdiction of Incorporation.. In addition, an assumed name or d/b/a (doing business as) name used by the Subject may be included at the beginning of this field, provided that it is followed by the full legal organization name in parenthesis.. If the combination of the full legal organization name and the assumed or d/b/a name exceeds 64 bytes as defined by RFC 3280, the CA should use only the full legal organization name in the certificate.. Domain name.. - This field must contain one or more host domain name(s) owned or controlled by the Subject and to be associated with Subject's publicly accessible server.. Such server  ...   the country level would include country information but would not include state or province or city or town information; the Jurisdiction of Incorporation for an Incorporating Agency at the state or province level would include both country and state or province information, but would not include city or town information; and so forth.. Country information must be specified using the applicable ISO country code.. State or province information, and city or town information (where applicable) for the Subject's Jurisdiction of Incorporation must be specified using the full name of the applicable jurisdiction.. Registration Number.. - This field must contain the unique Registration Number assigned to the Subject by the Incorporating Agency in its Jurisdiction of Incorporation (for Private Organization Subjects only).. Address of Place of Business.. - This field must contain the address of the physical location of the Subject's Place of Business.. City, state and country information is required.. Street number and ZIP/postal are optional..

    Original link path: /contents.html
    Open archive

  • Title: CA/Browser Forum - About the Forum
    Descriptive info: Frequently Asked Questions - Extended Validation SSL.. What is SSL?.. SSL stands for Secure Socket Layer.. Like TLS (which stands for Transport Layer Security), SSL is a security protocol that operates between a browser and a Web site.. It provides confidentiality and data integrity by means of cryptographic techniques and, when used with a third party-issued certificate, it can report trustworthy information to one party about the other party.. Typically, SSL is used to provide the browser and its user with trustworthy information about the Web site.. Cryptographic techniques provide confidentiality and data integrity protection for messages passing in either direction between the browser and the Web site.. This prevents Internet Service Providers that handle the messages in transit from viewing or modifying the contents of the messages.. It also mitigates attacks on the DNS, such as DNS cache poisoning and on the HTTP caching system, such as HTTP response splitting.. What is a certificate?.. A certificate (more properly called a public-key certificate in this context) is an electronic document that is signed by a certification authority (CA) asserting the binding between identifying information and a public key that can be used to authenticate the entity to which the identifying information applies.. As a minimum, the identifying information includes a domain name, and the browser verifies that the URL displayed in its address bar is in the domain identified by the certificate.. The CA's public key can be used to verify its signature on a certificate.. If the certificate is valid and the domain it contains includes the URL displayed in the browser's address bar, then the browser will display a padlock icon, indicating that a secure connection has been established between browser and Web site.. What is a certification authority?.. A certification authority (sometimes referred to as a certificate authority) is a trusted third party that issues digital certificates.. On the Web, certification authorities (CAs) are typically separate business entities whose public keys are provisioned to the browser by the browser supplier.. The CA accepts requests for certificates from Web site operators who provide the identifying information that they wish to have included in the certificate.. The CA verifies the accuracy and applicability of the identifying information before including it in the certificate and returning it to the Web site operator.. The Web site provisions the certificate to the browser within the SSL protocol.. What is the DNS?.. DNS stands for Domain Name System.. It is the part of the Internet that translates a familiar domain name, such as "example.. com" to an IP address.. The Internet routes messages to their destinations on the basis of the destination IP address.. However, because users are more familiar with domain names to identify locations on the Internet, a system is needed to translate between these two forms of  ...   Web site, such as its registered business name.. Organizationally validated certificates differ from extended validation certificates (EV SSL Certificates) in that they are not necessarily issued in compliance with the extended validation guidelines.. Furthermore, the organizational identifying information they contain does not receive prominent display in the most popular browsers.. If a secure connection is established between browser and a Web site secured with an organizationally validated certificate, the browser displays the padlock icon.. What is an extended validation certificate?.. An extended validation certificate (EV SSL Certificate) is a certificate issued in conformance with the extended validation guidelines defined by the.. The organizational identifying information and the name of the issuing CA receive prominent display in some browsers.. What are the extended validation guidelines?.. The extended validation guidelines contain a set of requirements for the operations of certification authorities (CAs) that issue extended validation certificates (EV SSL Certificates).. These requirements mostly govern the process of validating the identifying information that is to appear in an EV SSL Certificate.. However, the guidelines also establish requirements for several other aspects of a CA's operations, including: insurance coverage, revocation services, cryptographic key parameters, personnel qualification, etc.. Why is there a need for extended validation certificates?.. Because there are no generally-accepted standards for verifying the organizational information that is contained in some certificates, uncertainty has arisen in users' minds over the significance of the padlock icon.. This confusion has been compounded by the growing practice of Web site operators to display padlock icons within the site contents.. Furthermore, the URLs that commonly appear in browser address bars have become obscure and users can no longer use these to assure themselves that they are transacting with the Web site operator that they expect.. Therefore, there arose a need to display trusted identifying information about the operator of the Web site, and to do it in a way that clearly indicated to users the identity of the business entity with whom they were doing business.. This had to be done in a way that established minimum standards for the trustworthiness of that identifying information.. Hence, the major browser suppliers and a group of certification authorities (CAs) came together to develop these minimum standards.. At the same time, some browser suppliers developed user interface standards for displaying that information to emphasize its trustworthiness.. With these combined developments, it is expected that the Web users who engage in sensitive transactions with their governments, financial service providers, health care providers, etc.. will look for these new cues as part of their personal Web use routine.. When will we see Web sites protected by extended validation certificates?.. Many browser suppliers plan to provide support for extended validation certificates (EV SSL Certificates) some time during 2007.. Microsoft's IE7 and Vista currently provide full support for EV SSL Certificates..

    Original link path: /faq.html
    Open archive

  • Title: Extended Validation SSL Certificates -- The Certification Authority/Browser Forum
    Descriptive info: These are the comments that the CA/Browser Forum received in response to its call for proposals for organizational reform:.. Access.. Check Point Software.. Cisco.. Electronic Frontier Foundation.. Federated Business.. Kyle Hamilton.. Internet Society.. Messaging, Malware, and Mobile Anti-Abuse Working Group.. National Institute of Standards and Technology.. Opera.. Qualys.. Chris Richardson.. Red Hound Software.. Safelayer.. SiteTruth.. Stephen Schultze.. World Wide Web Consortium..

    Original link path: /cabf-governance-proposals/index.html
    Open archive

  • Title: CA/Browser Forum - Certificate Contents
    Descriptive info: Guidelines Version 1.. 0 Errata.. 1.. Remove reference to UTF-8 English.. Section 6(a)(3) of the Guidelines is amended as follows, effective Sept.. 11 2007:.. DELETE:.. 'This field MUST contain one of the following strings in UTF-8 English: 'V1.. 0, Clause 5.. (b)', 'V1.. (c)' or 'V1.. (d)', depending whether the Subject qualifies under the terms of Section 5b, 5c, or 5d of the Guidelines, respectively.. '.. ADD:.. 'This field MUST contain one of the following strings : 'V1.. The amended section reads as follows:.. '(3) Business Category Certificate Field subject: businessCategory (OID 2.. 15) Required/Optional Required Contents This field MUST contain one of the following strings : 'V1.. ' ".. 2.. Non-commercial entities.. The Guidelines are amended as follows, effective 4 Feb 2008:.. Section 5 of the guidelines.. Add the following subsection:.. "(e).. Non-Commercial Entity Subjects.. The CA MAY issue EV Certificates to Non-Commercial Entities who do not qualify under subsections (b), (c) and (d) but satisfy the following requirements:.. (1).. International Organization Entity Subjects.. The CA MAY issue EV Certificates to International Organization Entities that satisfy the following requirements:.. (1) The International Organization Entity is created under a Charter, Treaty, Convention or equivalent instrument that was signed by, or on behalf of, more than one country's government.. The CABForum may publish a listing of International Organizations that have been approved for EV eligibility, and.. (2) The International Organization Entity MUST NOT be headquartered in any country where the CA is prohibited from doing business or issuing a certificate by the laws of the CA's jurisdiction; and.. (3) The International Organization Entity MUST NOT be listed on any government denial list or prohibited list (e.. , trade embargo) under the laws of the CA's jurisdiction.. Subsidiary organizations or agencies of qualified international organizations may also qualify for EV certificates issued in accordance with these Guidelines.. Section 6(a)(3) of the Guidelines.. Delete:.. "This field MUST contain one of the following strings : 'V1.. Add:.. "This field MUST contain one of the following strings: 'V1.. (c)', 'V1.. (d)' or 'V1.. (e)' depending whether the Subject qualifies under the terms of Section 5b, 5c,5d or 5e of the Guidelines, respectively.. The revised section shall read:.. "(3) Business Category:.. -Certificate Field: subject:businessCategory (OID 2.. 15).. -Required/Optional: Required.. -Contents: This field MUST contain one of the following strings: "V1.. Section 14(a).. Add section 14 (a) (4):.. "(4) Non-Commercial Entities:.. (1) International Organization Entities.. a.. Legal Existence: Verify that Applicant is a legally recognized International Organization Entity.. b.. Entity Name: Verify that Applicant's formal legal name matches Applicant's name in the EV Certificate Request.. c.. Registration Number: The CA SHOULD obtain Applicant's date of formation, or the identifier for the legislative act that created the International Organization Entity.. In circumstances where this information is not available, the CA MUST enter appropriate language to indicate that the Subject is an International Organization Entity".. Section 14(b).. Add section 14(b)(5):.. "Non-Commercial Entities.. (a) International Organization Entities:.. All items listed in subsection 14(a)(4)(1)MUST be verified either:.. With reference to the constituent document under which the International Organization was formed; or.. Directly with a signatory country's government in which the CA is permitted to do business.. Such verification may be obtained from an appropriate government agency or from the laws of that country, or by verifying that the country's government has a mission to represent it at the International Organization; or.. directly against any current list of qualified entities that the CABForum may maintain at www.. In cases where the International Organization applying for the EV certificate is an organ or agency - including a non-governmental organization (NGO) of a verified International Organization, then the CA may verify the International Organization applicant directly with the verified umbrella International Organization of which the applicant is an organ or agency.. Definitions.. "Country": A Country shall mean a Sovereign state as defined in the Guidelines.. "Sovereign State": A Sovereign state is a state, or country, that administers its own government, and is not dependent upon, or subject to, another power.. "International Organization": An International Organization is an organization founded by a constituent document, e.. , charter, treaty, convention, or similar document, signed by, or on behalf of, a minimum of two or more Sovereign  ...   is only relevant to EV applications from countries that do not have Latin character organization name registrations.. More specific information for particular countries may be added to this appendix in the future.. Where an EV Applicant's organization name is not registered with a QGIS in Latin characters and the applicant's foreign character organization name and registration have been verified with a QGIS in accordance with these Guidelines, a CA MAY include a Latin character organization name in the EV certificate.. In such a case, the CA MUST follow the procedures laid down in this appendix.. Romanized Names.. In order to include a transliteration/Romanization of the registered name, the Romanization MUST be verified by the CA using a system officially recognized by the Government in the Applicant's jurisdiction of incorporation.. If the CA can not rely on a transliteration/Romanization of the registered name using a system officially recognized by the Government in the Applicant's jurisdiction of incorporation, then it MUST rely on one of the options below, in order of preference:.. A system recognized by the International Standards Organization (ISO),.. A system recognized by the United Nations or.. A Lawyers Opinion confirming the Romanization of the registered name.. English Name.. In order to include a Latin character name that is not a Romanization of the registered name in the EV certificate, the CA MUST verify that the Latin character name is:.. Included in the Articles of Incorporation (or equivalent document) filed as part of the organization registration, or.. Recognized by a QGTIS in the Applicant's Jurisdiction of Incorporation as the applicant's recognized name for tax filings, or.. Confirmed with a QIIS to be the name associated with the registered organization, or.. Confirmed by a lawyer's opinion letter to be the trading name associated with the registered organization.. Country Specific Procedures.. F-1.. Japan.. In addition to the procedures set out above:.. The Hepburn method of Romanization is acceptable for Japanese Romanizations.. The CA MAY verify the Romanized transliteration of Applicant's formal legal name with either a QIIS or a lawyer's opinion letter.. The CA MAY use the Financial Services Agency to verify an English Name.. When used, the CA MUST verify that the English name is recorded in the audited Financial Statements filed with the Financial Services Agency.. When relying on Articles of Incorporation to verify an English Name, the Articles of Incorporation MUST be accompanied either: by a document, signed with the original Japanese Corporate Stamp, that proves that the Articles of Incorporation are authentic and current, or by a lawyer's opinion letter.. The CA MUST verify the authenticity of the Corporate Stamp.. 5.. Prior Equivalent Authority.. The Guidelines are amended as follows, effective 19 Mar 2008:.. Add to Section 19(c):.. (6) Prior Equivalent Authority The signing authority of the Contract Signer, and/or the EV authority of the Certificate Approver, MAY be verified by relying on a demonstration of Prior Equivalent Authority.. (A) Prior Equivalent Authority of a Contract Signer MAY be relied upon for confirmation or verification of the signing authority of the Contract Signer when the Contract Signer has executed a binding contract between the CA and the Applicant with a legally valid and enforceable seal or handwritten signature and only when the contract was executed more than 90 days prior to the EV certificate application.. The CA MUST record sufficient details of the previous agreement to correctly identify it and associate it with the EV application.. Such details MAY include any of the following:.. Agreement title.. Date of Contract Signer's signature.. Contract reference number.. Filing location.. (B) Prior Equivalent Authority of a Certificate Approver MAY be relied upon for confirmation or verification of the EV authority of the Certificate Approver when the Certificate Approver has performed one or more of the following:.. (1) Under contract to the CA, has served (or is serving) as an Enterprise RA for the Applicant.. (2) Has participated in the approval of one or more SSL certificates issued by the CA, which are currently in use on public servers operated by the Applicant.. In this case the CA MUST have contacted the Certificate Approver by phone at a previously validated phone number or have accepted a signed and notarized letter approving the certificate request..

    Original link path: /erratum.html
    Open archive

  • Title:
    Descriptive info: Hi there,.. My name is Mike Rispoli, and I work for Access, an international NGO that promotes open access to the internet as a means to free, full and safe participation in society and the realization of human rights.. Please find a.. list of recommendations for the working group on organizational reform.. We appreciate your willingness to discuss these potential reforms, and look forward to hearing from you.. If you have any questions, please contact myself or our Technology Director, Gustaf Björksten, at soc@accessnow..

    Original link path: /cabf-governance-proposals/access.html
    Open archive


  • Archived pages: 23