CA/Browser Forum
 | |
| Founded | 2005 |
|---|---|
| Founder | Melih Abdulhayoğlu |
| Type | Professional Organization |
| Focus | Provide internet security industry standards for browsers and Certificate Authorities |
| Location | |
| Website | cabforum |
The Certification Authority Browser Forum, also known as CA/Browser Forum, is a voluntary consortium of certification authorities, vendors of Internet browser software, operating systems, and other PKI-enabled applications that promulgates industry guidelines governing the issuance and management of X.509 v.3 digital certificates that chain to a trust anchor embedded in such applications. Its guidelines cover certificates used for the SSL/TLS protocol and code signing, as well as system and network security of certificate authorities.
As of July 2013, the CA/Browser Forum includes over 30 Certificate Authority members and the following five Internet Browser Software Vendors: Microsoft (Internet Explorer), Apple (Safari), Mozilla (Firefox), Google (Chrome), and Opera.
The CA/Browser Forum maintains “Guidelines For The Issuance And Management Of Extended Validation (EV) Certificates”. The EV SSL standard improves security for Internet transactions and creates a more intuitive method of displaying secure sites to Internet users. In order for Certification Authorities to issue EV SSL Certificates, they must be audited for compliance with the Forum's EV Guidelines[1] in accordance with either WebTrust or ETSI audit criteria.
The CA/Browser Forum adopted the "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates”[2] in 2011. The intent is that all browser and relying party application software developers will incorporate the Baseline Requirements into their accreditation and approval schemes as requirements for all applicants who request that a self-signed root certificate be embedded as a trust anchor. This would extend common standards for issuing SSL/TLS certificates beyond EV to include all Domain-validated (DV) and Organisation-validation (OV/IV) certificates.
History
In 2005, Melih Abdulhayoglu of the Comodo Group organized[3] and arranged the first meeting of CA/Browser Forum. The first meeting was held in New York City. This was followed by a meeting in November 2005 in Kanata, Ontario, and a meeting in December, 2005, in Scottsdale, Arizona with the main objective to enable secure connections between users and websites.
In addition to CA/Browser Forum members, representatives of the Information Security Committee of the American Bar Association Section of Science & Technology, Law and the Canadian Institute of Chartered Accountants participated in developing the standards for issuing and managing Extended Validation SSL certificates.
Version 1.0 of the EV Guidelines was adopted on 7 June 2007.[4]
Version 1.1 was adopted by the CA/Browser Forum on 10 April 2008. [5]
Version 1.2 was adopted by the CA/Browser Forum on 1 Oct 2009. [6]
It is a great step forward in establishing verified identity for websites considers MSDN in its blog post.[7] Also, Microsoft's vision is that the backbone of an Internet identity system is composed of Extended Validation SSL Certificates intimately integrated with the users' browsing experience.[8]
The tougher certificates, coupled with browser developments,[9] could help fight phishing, which threatens the multi billion dollar online retail market.
In November 2011, the CA/Browser Forum adopted version 1.0 of the "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates." [citation needed]
In February 2013 a new industry group, the Certificate Authority Security Council (CASC), was formed with a mission that includes promoting CA/Browser Forum standards. Membership requires adherence to CA/Browser Forum standards.[10] The CASC's founding members consist of the 7 largest Certificate Authorities: Comodo, Symantec,[11] Trend Micro, DigiCert, Entrust,[12] GlobalSign [13] and GoDaddy.[14][15][16] [17] [18][19]
See also
- Certification Authority
- Transport Layer Security (TLS)
- Comparison of SSL certificates for web servers
- Extended Validation Certificate
References
- ^ CA/Browser Extended Validation Guidelines
- ^ "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates”
- ^ eWeek Article about Origins of CA/Browser Forum and EV SSL
- ^ "GUIDELINES FOR THE ISSUANCE AND MANAGEMENT OF EXTENDED VALIDATION CERTIFICATE" (PDF). The CA/Browser Forum.
- ^ "GUIDELINES FOR THE ISSUANCE AND MANAGEMENT OF EXTENDED VALIDATION CERTIFICATES" (PDF). The CA/Browser Forum.
- ^ "Guidelines For The Issuance And Management Of Extended Validation Certificates". The CA/Browser Forum.
{{cite web}}: Missing or empty|url=(help) - ^ Extended Validation Guidelines v1 Released
- ^ Microsoft information on EV in IE7
- ^ CNet News - Browsers to get sturdier padlocks
- ^ https://casecurity.org/casc/
- ^ http://www.symantec.com/connect/blogs/let-s-build-more-secure-future
- ^ http://www.entrust.com/news/2013-02-14-Entrust-Joins-Worlds-Leading-CAs-to-Form-Certificate-Authority-Security-Council-Advance-Internet-Security-and-Trusted-SSL-Ecosystem
- ^ http://www.thepaypers.com/news/e-identity-security-online-fraud/globalsign-joins-the-certificate-authority-security-council-to-upgrade-internet-security/750211-26
- ^ http://inside.godaddy.com/announcing-certificate-authority-security-council/
- ^ http://www.darkreading.com/authentication/167901072/security/news/240148546/major-certificate-authorities-unite-in-the-name-of-ssl-security.html
- ^ http://www.networkworld.com/news/2013/021413-council-digital-certificate-266728.html
- ^ http://www.cmswire.com/cms/customer-experience/website-certificate-authorities-set-up-security-council-for-advocacy-research-019619.php
- ^ http://www.darkreading.com/authentication/167901072/security/news/240148546/major-certificate-authorities-unite-in-the-name-of-ssl-security.html
- ^ http://electronicstaff.com/2013/ssl-certificate-authority-security-council-takes-root