September 2018 CA Communication

ACTION 5: Discontinue use of BR Validation Methods 3.2.2.4.1 and 3.2.2.4.5 CA/Browser Forum ballot 218 set a deadline of 1-August 2018 for CAs to discontinue use of BR domain validation methods 3.2.2.4.1 “Validating the Applicant as a Domain Contact” and 3.2.2.4.5 “Domain Authorization Document”
ACTION 5 COMMENTS

CA Owner Response Response
AC Camerfirma, S.A. We never used either of these methods
Actalis We have discontinued use of these methods and updated our CP/CPS to reflect this change
Amazon Trust Services We never used either of these methods
Asseco Data Systems S.A. (previously Unizeto Certum) We have discontinued use of these methods and updated our CP/CPS to reflect this change
Atos We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) Will be included in the next CP/CPS Version. Version will be available until 31.10.2018
Autoridad de Certificacion Firmaprofesional We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) Firmaprofesional plans to update the CP/CPS for reflecting this change before 31/12/2018.
Buypass We have discontinued use of these methods and updated our CP/CPS to reflect this change
Certinomis / Docapost We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) January 2019
China Financial Certification Authority (CFCA) We never used either of these methods
Chunghwa Telecom We have discontinued use of these methods and updated our CP/CPS to reflect this change
ComSign We never used either of these methods
Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert) We have discontinued use of these methods and updated our CP/CPS to reflect this change
Cybertrust Japan / JCSI We never used either of these methods
D-TRUST We have discontinued use of these methods and updated our CP/CPS to reflect this change
Dhimyotis / Certigna We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) The Update of our CP/CPS is planned on october 31st;
DigiCert We have discontinued use of these methods and updated our CP/CPS to reflect this change
Disig, a.s. We have discontinued use of these methods and updated our CP/CPS to reflect this change
DocuSign (OpenTrust/Keynectis) We have discontinued use of these methods and updated our CP/CPS to reflect this change
E-Tugra We have discontinued use of these methods and updated our CP/CPS to reflect this change
EDICOM We have discontinued use of these methods and updated our CP/CPS to reflect this change
Entrust We have discontinued use of these methods and updated our CP/CPS to reflect this change
Global Digital Cybersecurity Authority Co., Ltd. (Formerly Guang Dong Certificate Authority (GDCA)) We have discontinued use of these methods and updated our CP/CPS to reflect this change
GlobalSign We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) Method 5 is not in our CPS and we stopped using Method 1 prior to August 1st, 2018. We're not reusing any domain validations that used methods 1 or 5. We have updated our CPS to remove Method 1, the changes have been already made and are planned to be released by end of Oct 2018.
GoDaddy We have discontinued use of these methods and updated our CP/CPS to reflect this change
Google Trust Services LLC (GTS) We have discontinued use of these methods and updated our CP/CPS to reflect this change
Government of Hong Kong (SAR), Hongkong Post, Certizen We have discontinued use of these methods and updated our CP/CPS to reflect this change
Government of Spain, Autoritat de Certificació de la Comunitat Valenciana (ACCV) We have discontinued use of these methods and updated our CP/CPS to reflect this change
Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT) We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) We estimate CP/CPS will be updated by end of Nov-2018
Government of Taiwan, Government Root Certification Authority (GRCA) We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) We will update our CPS before 2019/1/31.
Government of The Netherlands, PKIoverheid (Logius) We have discontinued use of these methods and updated our CP/CPS to reflect this change
Government of Turkey, Kamu Sertifikasyon Merkezi (Kamu SM) Other (please describe below) Kamu SM is a government CA and issues certificates for only public institutions and organizations in Turkey. For validation of domain authorization and control, Kamu SM uses the method defined in Section 3.2.2.4.6 in Baseline Requirements v1.5.6. In addition, full domain name indicated in application form is verified through “nic.tr”. “nic.tr” is the government entity and a reliable data source that keeps “.tr” top level domain in Turkey. It is checked whether the domain name stated ownership in the application form is same with the information provided by nic.tr.
HARICA We have discontinued use of these methods and updated our CP/CPS to reflect this change Our CP/CPS has been updated to satisfy this requirement and is in the final stage of review. It will be published by October 5th 2018.
IdenTrust Services, LLC We have discontinued use of these methods and updated our CP/CPS to reflect this change
Internet Security Research Group (ISRG) We never used either of these methods
Izenpe S.A. We have discontinued use of these methods and updated our CP/CPS to reflect this change
Krajowa Izba Rozliczeniowa S.A. (KIR) We never used either of these methods
LuxTrust We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) 31-10-2018 Currently we do not issue any SSL/EV SSL certificate and we are not planning to issue such certificates in the near future since we are not recognized yet by Apple.
Microsec Ltd. We have discontinued use of these methods and updated our CP/CPS to reflect this change
NetLock Ltd. We have discontinued use of these methods and updated our CP/CPS to reflect this change Our CP/CPS were changed to include this change, these validations are not enough to issue certs. However, because the Hungarian law CCXXII (year 2015) article 82 section (1) we steel need to check domain records, but they are only additional checks to the domain registries to comply this law. Section 82 (1) [...] For this purpose, the trust provider must verify the data to be included in the certificate, and in particular verify [...] the right to dispose of the certificate domain [...] to be included in the certificate, in the case of profession, the right to exercise it.
QuoVadis We have discontinued use of these methods and updated our CP/CPS to reflect this change
SECOM Trust Systems CO., LTD. We have discontinued use of these methods and updated our CP/CPS to reflect this change
SK ID Solutions AS Does not apply, because our root certificates are not enabled with the Websites trust bit
SSL.com We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) Our current CP/CPS is version 1.4. We intend to approve and publish version 1.5, incorporating the above changes, no later than November 15 2018.
Sectigo We have discontinued use of these methods and updated our CP/CPS to reflect this change
SecureTrust We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) Our CP/CPS will be updated on October 1, 2018.
SwissSign AG We have discontinued use of these methods and updated our CP/CPS to reflect this change
Swisscom (Switzerland) Ltd Does not apply, because our root certificates are not enabled with the Websites trust bit
T-Systems International GmbH (Deutsche Telekom) We have discontinued use of these methods and updated our CP/CPS to reflect this change
Taiwan-CA Inc. (TWCA) We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) We have stopped to use of these methods and use BR allowed method. The CP/CPS will be update before 2018/12/31.
Telia Company (formerly TeliaSonera) We have discontinued use of these methods and updated our CP/CPS to reflect this change
TrustCor Systems We have discontinued use of these methods and updated our CP/CPS to reflect this change While versions of our CPS prior to the current did allow those validation methods, no certificate was ever issued which made use of those methods. The current CPS specifically excludes those methods as valid.
Trustis We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (specify date below) We have discontinued use of these methods and will update our CP/CPS to reflect this change in the near future (01-30-2019) Comment: Certificate issuance has been discontinued and the service only provides revocation information for certificates that have not yet expired.
TurkTrust We have discontinued use of these methods and updated our CP/CPS to reflect this change
WISeKey We have discontinued use of these methods and updated our CP/CPS to reflect this change
Web.com Does not apply, because our root certificates are not enabled with the Websites trust bit
certSIGN We have discontinued use of these methods and updated our CP/CPS to reflect this change