CA/Browser Forum
Home » All CA/Browser Forum Posts » 2017-10-26 Minutes

2017-10-26 Minutes

Final Minutes CA/Browser Forum Teleconference of October 26, 2017

Attendees: Atsushi Inaba (GlobalSign), Ben Wilson (DigiCert), Christopher Kemmerer (SSL.com), Curt Spann (Apple), Daymion Reynolds (Godaddy), Dean Coclin (Symantec), Doug Beattie (GlobalSign), Frank Corday (Trustwave), Geoff Keating (Apple), Gervase Markham (Mozilla), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (BuyPass), Mike Reilly (Microsoft), Neil Dunbar (Trustcor), Rich Smith (Comodo), Shelley Brewer (DigiCert), Steve Medin (Symantec), Tim Hollebeek (Trustwave), Tim Shirley (Trustwave), Tyler Myers (GoDaddy), Virginia Fournier (Apple).

  1. Roll Call

  2. Read Antitrust Statement

  3. Review Agenda. Agenda was approved.

  4. Approval of Minutes from Taipei F2F meeting Oct. 4-5. This item was postponed until we have all of the minutes in. Ben asked those who have not submitted their minutes to please do so.

  5. Governance Change Working Group update. Dean said that during our recent WG meeting we reviewed the comments from Gerv and the FAQ. There were some items that we wanted Virginia to review. This week we also circulated a draft charter for the Server Certificate Working Group, and we’ve already received several comments, which we’re going through.

  6. Validation Working Group update. No report.

  7. Policy Review Working Group update. Ben said the WG didn’t have a call this week, but that Dimitris was going to review the Baseline Requirements again for use of the term “CA” and distinguish when it referred to a legal entity vs. a system.

  8. Network Security Working Group update. Ben said the WG had worked on passwords and a couple other areas of the Network and Certificate System Security Requirements and was making good progress and that there was a lot of participation in the Working Group, which was a good sign that people want to accomplish more with this effort.

  9. Ballot Status: We reviewed the list of ballots provided with the Agenda.

  10. Other Business:

The minutes of the last teleconference held on Thursday, October 12, 2017, were approved.

Dean noted that we have confirmed that we’ll be meeting in Shanghai in October 2018. More details will be made available later.

Rich asked, along the lines of the discussions about new / alternative domain validation methods, whether there was any input from the group on the idea of using RDAP, since some registrars are now running it. This might involve adding a definition of “whois” to the Baseline Requirements. Rich said that he would bring the topic up with the Validation Working Group.

Ben noted that a new version of the EV Guidelines had been posted to the website and that the wiki has been updated to contain all Word versions of the EV Guidelines and Baseline Requirements in case anyone needs to refer to them.

  1. Next call November 9, 2017.

  2. Adjourned.

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).