May 2020 CA Communication

ITEM 4: CA/Browser Forum Ballot for Browser Alignment A ballot called Browser Alignment is being drafted for the CA/Browser Forum with the goal of resolving ambiguity for CAs by incorporating current root-program-specific requirements directly into the Baseline Requirements (BRs). Mozilla would like to see such a ballot succeed, so we are looking for CA input on the effective dates for the root-program-specific requirements that are not currently part of Mozilla’s Root Store Policy, and thus may be new requirements or requirements of other Root Programs that you may not have been aware of. Please reply to the Sub Items below if your CA has root certificates that are enabled with the Websites trust bit.
ITEM 4 COMMENTS

CA Owner Response Response
AC Camerfirma, S.A. Our CA issues TLS certificates, so we are providing our input on the sub items below.
Actalis Our CA issues TLS certificates, so we are providing our input on the sub items below.
Amazon Trust Services Our CA issues TLS certificates, so we are providing our input on the sub items below.
Asseco Data Systems S.A. (previously Unizeto Certum) Our CA issues TLS certificates, so we are providing our input on the sub items below.
Atos Our CA issues TLS certificates, so we are providing our input on the sub items below.
Autoridad de Certificacion Firmaprofesional Our CA issues TLS certificates, so we are providing our input on the sub items below.
Buypass Our CA issues TLS certificates, so we are providing our input on the sub items below.
China Financial Certification Authority (CFCA) Our CA issues TLS certificates, so we are providing our input on the sub items below.
Chunghwa Telecom Our CA issues TLS certificates, so we are providing our input on the sub items below. We agree that there are browser alignment ballot to resolve ambiguity for CAs by incorporating current root-program-specific requirements directly into the Baseline Requirements.
Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert) Other (please describe below) Although our CA still has the website bit enabled, we do not issue TLS Certificates since 1st-January-2020.The last one was issued in 27th-December-2019. Related bugs/information: https://bugzilla.mozilla.org/show_bug.cgi?id=1496616#c22 https://bugzilla.mozilla.org/show_bug.cgi?id=1621159
Cybertrust Japan / JCSI Our CA issues TLS certificates, so we are providing our input on the sub items below.
D-TRUST Our CA issues TLS certificates, so we are providing our input on the sub items below.
Deutsche Telekom Security GmbH Our CA issues TLS certificates, so we are providing our input on the sub items below.
Dhimyotis / Certigna Our CA issues TLS certificates, so we are providing our input on the sub items below.
DigiCert Our CA issues TLS certificates, so we are providing our input on the sub items below. This is a multi-faceted ballot. We will analyze the specifics and provide additional input as this browser alignment ballot gets finalized. We have found in our research the following so far that we need more clarity and would like to address the EKU policy that originates from MS Root Store.
Disig, a.s. Our CA issues TLS certificates, so we are providing our input on the sub items below.
E-Tugra Our CA issues TLS certificates, so we are providing our input on the sub items below.
Entrust Our CA issues TLS certificates, so we are providing our input on the sub items below.
Global Digital Cybersecurity Authority Co., Ltd. (Formerly Guang Dong Certificate Authority (GDCA)) Our CA issues TLS certificates, so we are providing our input on the sub items below.
GlobalSign nv-sa Our CA issues TLS certificates, so we are providing our input on the sub items below. Generally GlobalSign agrees with the Browser Alignment except for the inclusion of the 398 day max validity. Since this is not a current root program requirement, GlobalSign does not support this being added to the BRs as part of the alignment ballot.
GoDaddy Our CA issues TLS certificates, so we are providing our input on the sub items below.
Google Trust Services LLC Our CA issues TLS certificates, so we are providing our input on the sub items below.
Government of Hong Kong (SAR), Hongkong Post, Certizen Our CA issues TLS certificates, so we are providing our input on the sub items below.
Government of Spain, Autoritat de Certificació de la Comunitat Valenciana (ACCV) Our CA issues TLS certificates, so we are providing our input on the sub items below.
Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT) Our CA issues TLS certificates, so we are providing our input on the sub items below.
Government of Taiwan, Government Root Certification Authority (GRCA) Other (please describe below) GRCA and its sub CAs do not issue any TLS certificates since 18-Seepteember 2019, and we will revoke all TLS certificates on 7/19/2020. Our root cert will be removed from Mozilla's root store after 7/19/2020 Please see: https://bugzilla.mozilla.org/show_bug.cgi?id=1463975
Government of The Netherlands, PKIoverheid (Logius) Our CA issues TLS certificates, so we are providing our input on the sub items below.
Government of Turkey, Kamu Sertifikasyon Merkezi (Kamu SM) Our CA issues TLS certificates, so we are providing our input on the sub items below.
HARICA Our CA issues TLS certificates, so we are providing our input on the sub items below.
IdenTrust Services, LLC Our CA issues TLS certificates, so we are providing our input on the sub items below.
Internet Security Research Group Our CA issues TLS certificates, so we are providing our input on the sub items below.
Izenpe S.A. Our CA issues TLS certificates, so we are providing our input on the sub items below.
Krajowa Izba Rozliczeniowa S.A. (KIR) Our CA issues TLS certificates, so we are providing our input on the sub items below.
Microsec Ltd. Our CA issues TLS certificates, so we are providing our input on the sub items below.
NETLOCK Kft. Our CA issues TLS certificates, so we are providing our input on the sub items below.
OISTE Our CA issues TLS certificates, so we are providing our input on the sub items below.
QuoVadis Other (please describe below) We will analyze the specifics and provide additional input as the browser alignment ballot is finalized. We seek additional information on the item dealing with the separation of sub-CA EKUs from the Microsoft CA policy.
SECOM Trust Systems CO., LTD. Our CA issues TLS certificates, so we are providing our input on the sub items below.
SK ID Solutions AS Other (please describe below) Please note that SK has terminated issuance of TLS Server Certificates as of September 1st 2017 and therefore we are unable to meet this requirement. The last TLS certificate will expire in September 2020.
SSL.com Our CA issues TLS certificates, so we are providing our input on the sub items below.
Sectigo Our CA issues TLS certificates, so we are providing our input on the sub items below.
SecureTrust Our CA issues TLS certificates, so we are providing our input on the sub items below.
Shanghai Electronic Certification Authority Co., Ltd. Our CA issues TLS certificates, so we are providing our input on the sub items below.
SwissSign AG Our CA issues TLS certificates, so we are providing our input on the sub items below.
Taiwan-CA Inc. (TWCA) Our CA issues TLS certificates, so we are providing our input on the sub items below.
Telia Company Our CA issues TLS certificates, so we are providing our input on the sub items below. The clearer the requirements are the better.
TrustCor Systems Our CA issues TLS certificates, so we are providing our input on the sub items below.
Trustis End-entity certificate issuance under the current service has been discontinued and the service is being terminated.
Web.com Our CA issues TLS certificates, so we are providing our input on the sub items below.
certSIGN Our CA issues TLS certificates, so we are providing our input on the sub items below.
eMudhra Technologies Limited Our CA issues TLS certificates, so we are providing our input on the sub items below.