CA/Browser Forum
Home » All CA/Browser Forum Posts » 2013-07-25 Minutes

2013-07-25 Minutes

Notes of meeting

CAB Forum

25 July 2013

Version 1

  1. Present: Rick Andrews, Kirk Hall, Atsushi Inaba, Ben Wilson, Eddy Nigg, Mads Henriksveen, Sissel Hoel, Dean Coclin, Jeremy Rowley, Ryan Sleevi, Robin Alden, Steve Roylance, Mert Ozarar, Atilla Biler

  2. Agenda review: Approved as published.

  3. Minutes: Minutes of July 11, 2013 were circulated on July 18, 2013

  4. Ballots: Ballot 103- Ben will fix and recirculate; Ballot 104 – EVG v. 1.4.3 will be circulated; Ballot 105 – so far we have received 13 votes, 11 yes and two abstained. Three of the browser have voted yes. Ballot 106 there have been many comments. Do we want to discuss now? No, we’ll continue discussions on the list. Ballot 107 – Mads needs another endorser. Iñigo said he would endorse with a minor change. Ballot 89 – Rick said he had sent to Tom for review. He’ll follow up when Tom gets back from vacation, but he wants to put it to bed–either put out a new document or get rid of the old one on the web site. Ballot 108 – Jeremy noted that the current Baseline Requirements are not clear on when they apply. He suggests that SSL certificates be defined for purposes of the Baseline Requirements as certificates with the server authentication EKU. Ryan S. wants to ensure that the Baseline Requirements correctly address Intermediate CAs as well. Jeremy agreed and said he would add that in.

  5. Application of WoSign: Dean noted that WoSign had submitted their audit report and that they had signed the IPR, but he could not get the EV test site to work to see if the certificate is trusted. Eddy said that Microsoft has trusted their root, and that they are cross-signed by StartCom and have a root from KEYNECTIS. Dean said the requirement is very clear, the CA has to demonstrate that they are issuing certificates that are trusted – not just that they have a root that is trusted. Demonstration by having the URL work would prove that they satisfy this requirement. Dean would vote for approval on condition that they demonstrate that the root is embedded and that they fix the link. Dean said he would follow up with them.

  6. Update on Face-to-face meeting in Ankara from TURKTRUST: Yesterday they updated the wiki page and included a message, which they attempted to send through email but it did not go through. They said they are planning a trip to Cappadocia after adjourning the meeting on Thursday. They will send the message again to the mailing list which is now included on the wiki page with information about the meeting, events, and additional information about travel in Ankara and things to see in Ankara.

  7. Other Business: Ben noted that people had provided good updates so far for the web site and that he will review the content to see what still needs work. Mads noted that he was having trouble integrating EV Code Signing into the EV SSL page. Ben said that he already mentioned that someone else should take on the EV Code Signing page and another person could work on the Network and Certificate Security Requirements page. Moudrick had volunteered to take on one of the topics, so we need someone to take on the other. Kirk suggested that we also add good visual content, and Ben agreed. Ben said that after we get this draft done we can then turn the web site over to Wayne’s team to prepare a mockup to review before it goes live.

  8. Meeting adjourned – Next meeting is set for Thursday, August 8th.

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).