Update on February 7:
ZT Browser updated versions have been released, specifically:
Update on January 31:
The author sent an email to the CA - SwissSign, which voted "No", and the reply from the company's information security manager surprised me!
[The decision to vote „no” on this ballot was discussed internally with all relevant stakeholders and it was an intense and close discussion. In the end our decision was reached and communicated also in light of the fact that SwissSign does not believe to do business in China in the recognizable future.]
Is this also the reason? Voting should be based on the Bylaw of CA/Browser Forum and the Charter of Server Certificate Work Group, but this CA actually votes based on its own interests! Is this the "Respect for rules" and "Spirit of Contract" advertised by the West? !
Not only is it unjustifiable from a legal point of view, but the manager does not understand the CA business at all. If your company does not do business in China, it does not mean that your customers do not do business in China! If ZT Browser distrusts your root certificate, then your customer's website will all be displayed as "Not secure", it's not as simple as whether your company does business in China or not!
And, one of the browsers voted "no" because his leader asked him to vote like this. This is also not "Respect for rules", but "Respect for the leader". It feels that the culture of the East and the West is completely reversed now!
ZT Browser will definitely have equivalent countermeasures in the next version released.
ZT Browser has been downloaded and used by users from more than 100 countries and regions since the public beta version was released on June 1 last year. Since it is so popular, the author decided to apply to become a member of an international organization - CA/Browser Forum as Certificate Consumer (Application Software Supplier). Therefore, on behalf of the company, the author applied for membership on November 24, 2022. The application discussion on the conference call on December 9 failed, and one member said that more time was needed for evaluation. On January 6, 2023, the meeting discussed our application again, but still have some members disagree, so a public ballot is required according to the Charter. On January 6, Aaron Gable of ISRG/Let's Encrypt initiated a ballot and was endorsed by Tobias Josefowitz of Opera and Tim Hollebeek of DigiCert, the public discussion period is determined to be two weeks (3:00 on January 6th to 3:00 on January 20th) (the time referred to in this article is China time). The 7-day voting period (7:00 on January 21 to 7:00 on January 28) has entered on January 21, which happens to be the 7-day holiday of the Chinese New Year, which is a bit of a coincidence.
The statistical result after the voting end at 7 o'clock this morning is “fail”, because the four browsers: Apple, Google, Mozilla, Opera voted “no”. The benefits of voting are open and transparent, so that applicant can clearly know who is opposing. Through this result is what the author has guessed, but the author still wants to ask: Apple, Google, Mozilla, Opera, what are you afraid of? Is it afraid that a browser from China has the right to vote in international standards organization?
Since the browser has a strong position in the CA/Browser Forum, it is very easy for other browsers to apply for joining before ZT Browser. If the application is made, the application in discussion at the first meeting will be passed. However, the first discussion of ZT Browser failed, and the second discussion failed, so it had to initiate a vote according to the Charter, but still failed, because it requires at least one current browser member to vote “yes”, but unfortunately no! The author wants to ask again: Apple, Google, Mozilla, Opera, what are you afraid of? Can you openly respond to why you voted no?
ZT Browser is applying to become a certificate consumer member of the CA/Browser Forum, that is, a member of the browser side, hoping to become a member like Apple, Google, Mozilla, Opera, Microsoft with voting rights for the formulation of CA international standards, because the current CA/Browser Forum does not have a browser member who understands CA business and CA needs, and does not have a browser member who is friendly to CAs, which leads to this international organization serious inequality, CAs are in a seriously weak position in this organization, which is not conducive to the healthy development of this international organization.
Let me share some insider information about the voting process here.
Finally, let me share with you the canvassing email that the author wrote at the start of the voting discussion period on January 6. Please be sure to read the third reason for Chinese readers.
From: Richard Wang
Sent: Friday, January 6, 2023 10:07 AM
To: 'Dean Coclin'
Subject: RE: [cabfquest] Membership Application of ZT Browser
Hello Dean and Members,
Very thanks for your effort for my company’s application.
I wish to be a membership become I love CABF since I joint this organization in 2013, this is the best international organization in the world that every member work hard to do the best to make the Internet more secure.
So, I sincerely invite you to vote “YES”, thanks.
Here are the reasons:
(1) ZT Browser is the only one that keep the EV green bar, this is the first feature. I know all CA love it once I decided to make a browser. Everyone can get this love from the blog: https://pkic.org/2019/08/27/why-are-you-removing-website-identity-google-and-mozilla/ wrote by Kirk Hall (Entrust), Tim Callan (Sectigo). We believe that website identity is same important as encryption.
We think Internet users must have the freedom of choice to love EV green bar or NOT, but current situation is NO choice, this is not good.
Vote ZT Browser is to vote the Choice!
(2) ZT Browser believe the website security not only just encryption, and not only the identity, but also need protection. This is why we display the WAF protection icon (F) in the address bar. This also is the unique one in all current browsers.
We think Internet users must have the right to know if the website they are visiting have security protection to give them confidence for surfing.
Vote ZT Browser is to vote the Right!
(3) ZT Browser is the unique one that support China algorithm SM2 SSL certificate and SM2 Certificate Transparency, SM2 algorithm support is the compliance requirement of China Cryptography Law since ZT Browser made in China. All website using SM2 SSL certificate for https encryption display the special icon ( ) in the address bar.
We think all browsers will support SM2 algorithm in the future since it is not only required in China market, but it also an approved algorithm by ISO/IEC. CA/B Forum need a browser member that support SM2 algorithm for Internet user’s choice and for trial for all browsers.
Vote ZT Browser is to vote the Future!
Thanks for your love! Have a bright new year!
ZT Browser Chief Architecture
CEO & CTO
ZoTrus Technology Limited