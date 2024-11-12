Tim Callan, chief compliance officer at Sectigo, elected as new vice chair

SCOTTSDALE, Ariz.–(BUSINESS WIRE)–Sectigo, a global leader in digital certificates and automated Certificate Lifecycle Management (CLM), today announced its unrivaled leadership within the CA/Browser (CA/B) Forum, earning the election of five chair positions – the most seats of any CA/B Forum member. This includes the election of Tim Callan, Sectigo’s chief compliance officer, as the new vice chair. The Forum, established in 2005, is a voluntary group with elected leadership seats that sets standards and best practices for certificate validation, authentication, and revocation and helps its members address challenges related to securing digital certificates.





New officers will assume their chair positions on December 1, 2024, increasing Sectigo’s current count from four to five seats – the most of any organization in the CA/B Forum. The increase in chair positions by Sectigo illustrates the company’s commitment to developing and upholding high-quality standards for digital certificates.

Sectigo will hold these offices in the CA/B Forum starting in December:

CA/B Forum Vice Chair: Tim Callan, chief compliance officer, Sectigo

Tim Callan, chief compliance officer, Sectigo Chairman, Code Signing Working Group: Martijn Katerbarg, senior compliance engineer, Sectigo

Martijn Katerbarg, senior compliance engineer, Sectigo Vice Chair, S/MIME Working Group: Martijn Katerbarg

Martijn Katerbarg Vice Chair, Definitions and Glossary Working Group: Tim Callan

Tim Callan Co-Chair, Intellectual Property Rights Subcommittee: Brian Holland, general counsel, Sectigo

Tim Callan steps into his additional new role as vice chair where he will aid the chair in facilitating and guiding Forum activity. A founding member of the CA/B Forum, Callan originally played a key role in the creation and roll out of Extended Validation SSL in the late 2000s. He has served as vice chair of the CA/B Forum’s Definitions and Guidelines Working Group since April 2024.

“Since its founding in the mid 2000s, the CA/Browser Forum has existed to encourage predictably high-quality standards for public digital certificates. As a purely voluntary organization, it only works when members contribute their own time and effort to advance the entire WebPKI,” said Callan. “I am proud of Sectigo’s ongoing commitment to the Forum, and I am honored to be selected by the Forum’s group of high-minded technical experts to help keep it running smoothly and productively.”

This leadership handover occurs during a time of great transition for the WebPKI. Recent and anticipated updates to foundational elements of public certificates include:

Shortening digital certificate lifespans, most notably the drive to reduce SSL certificates to 45-day maximum term

Modernization of domain control validation, including Multi-perspective Issuance Corroboration (MPIC) and the deprecation of WHOIS as an email validation method

Post-quantum cryptography (PQC)

Reform of revocation rules for misissuance

Shortening certificate lifespans is a particularly meaningful trend. In just a few years SSL certificates have dropped from a three-year maximum term down to one, with a proposal in discussion to step down the maximum term for TLS from 398 days to as little as 45 days. Shorter certificate lifespans reduce the risk of cybercriminals exploiting outdated certificates, minimize exposure time for compromised certificates, improve crypto agility, and reduce gaps between domain control and certificate ownership.

“I expect big changes in our industry in the next two years,” added Callan. “It’s an exciting time to be part of the CA/Browser Forum, and I look forward to playing my part in bringing about these improvements and others.”

The CA/B Forum brings together a voluntary group of certificate authorities, like Sectigo, browser vendors like Apple, Google, Mozilla, and Microsoft, and major technology companies to establish guidelines for public TLS, Code Signing, and S/MIME certificates. The Forum updates guidelines and requirements regularly to help the WebPKI stay ahead of emerging threats, incorporate new technology, and improve the accuracy and reliability of processes. The Forum is globally recognized as the definitive authority on public digital certificates.

For more information about Sectigo’s role in preparing organizations for the shift to 45-day certificates, please visit: https://www.sectigo.com/45-day-ssl

