CA/Browser Forum
Home » Posts » 2013-07-25 Minutes

2013-07-25 Minutes

Notes of meeting

CAB Forum

25 July 2013

Version 1

  1. Present: Rick Andrews, Kirk Hall, Atsushi Inaba, Ben Wilson, Eddy Nigg, Mads Henriksveen, Sissel Hoel, Dean Coclin, Jeremy Rowley, Ryan Sleevi, Robin Alden, Steve Roylance, Mert Ozarar, Atilla Biler

  2. Agenda review: Approved as published.

  3. Minutes: Minutes of July 11, 2013 were circulated on July 18, 2013

  4. Ballots: Ballot 103- Ben will fix and recirculate; Ballot 104 – EVG v. 1.4.3 will be circulated; Ballot 105 – so far we have received 13 votes, 11 yes and two abstained. Three of the browser have voted yes. Ballot 106 there have been many comments. Do we want to discuss now? No, we’ll continue discussions on the list. Ballot 107 – Mads needs another endorser. Iñigo said he would endorse with a minor change. Ballot 89 – Rick said he had sent to Tom for review. He’ll follow up when Tom gets back from vacation, but he wants to put it to bed–either put out a new document or get rid of the old one on the web site. Ballot 108 – Jeremy noted that the current Baseline Requirements are not clear on when they apply. He suggests that SSL certificates be defined for purposes of the Baseline Requirements as certificates with the server authentication EKU. Ryan S. wants to ensure that the Baseline Requirements correctly address Intermediate CAs as well. Jeremy agreed and said he would add that in.

  5. Application of WoSign: Dean noted that WoSign had submitted their audit report and that they had signed the IPR, but he could not get the EV test site to work to see if the certificate is trusted. Eddy said that Microsoft has trusted their root, and that they are cross-signed by StartCom and have a root from KEYNECTIS. Dean said the requirement is very clear, the CA has to demonstrate that they are issuing certificates that are trusted – not just that they have a root that is trusted. Demonstration by having the URL work would prove that they satisfy this requirement. Dean would vote for approval on condition that they demonstrate that the root is embedded and that they fix the link. Dean said he would follow up with them.

  6. Update on Face-to-face meeting in Ankara from TURKTRUST: Yesterday they updated the wiki page and included a message, which they attempted to send through email but it did not go through. They said they are planning a trip to Cappadocia after adjourning the meeting on Thursday. They will send the message again to the mailing list which is now included on the wiki page with information about the meeting, events, and additional information about travel in Ankara and things to see in Ankara.

  7. Other Business: Ben noted that people had provided good updates so far for the web site and that he will review the content to see what still needs work. Mads noted that he was having trouble integrating EV Code Signing into the EV SSL page. Ben said that he already mentioned that someone else should take on the EV Code Signing page and another person could work on the Network and Certificate Security Requirements page. Moudrick had volunteered to take on one of the topics, so we need someone to take on the other. Kirk suggested that we also add good visual content, and Ben agreed. Ben said that after we get this draft done we can then turn the web site over to Wayne’s team to prepare a mockup to review before it goes live.

  8. Meeting adjourned – Next meeting is set for Thursday, August 8th.

Latest releases
Code Signing Requirements
v3.7 - Mar 4, 2024

S/MIME Requirements
v1.0.5 - Ballot SMC07 - Jul 15, 2024

Ballot SMC07: Align Logging Requirement and Key Escrow clarification

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).