CA/Browser Forum
Home » All CA/Browser Forum Posts » 2018-07-12 Forum Minutes

2018-07-12 Forum Minutes

Attendees: Arno Fiedler (D-TRUST), Atsushi Inaba (GlobalSign), Ben Wilson (DigiCert), Bruce Morton (Entrust), Cecilia Kam, (GlobalSign), Corey Bonnell (Trustwave),Curt Spann (Apple), Daymion Reynolds (GoDaddy), Dean Coclin (DigiCert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Iñigo Barreria (360 Group), Joanna Fox (GoDaddy), Josselin Allemandou (DHIMYOTIS), Li-Chun Chen (Chunghwa Telecom), Marcelo Silva (Visa), Michele Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (Trustcor), Pascal Merlin (DHIMYOTIS),Patrick Tronnier (OATI), Phillip Hallam-Baker (Comodo Security Services), Ramiro Muñoz (AC Camerfirma)Rich Smith (ComodoCA), Romain Delval (DHIMYOTIS), Shelley Brewer (DigiCert),Tim Hollebeek (DigiCert), Tim Shirley (Trustwave), Tomasz Nowak (Opera), Trevoli Ponds-White (Amazon), Virginia Fournier (Apple), Wayne Thayer (Mozilla).

  1. Roll Call
  2. Read Antitrust Statement
  3. Review Agenda. Agenda was approved.
  4. Confirmation of Members, Associate Members, and Interested Parties. Kirk noted that with the change in Bylaws and the creation of a new Server Certificate Working Group (SCWG), the Forum would have to update its list of Members, Associate Members, and Interested Parties based on who signed the new IPR Agreement v1.3 and expressed an interest in participating in the SCWG – both are required. He noted that the organizational meeting of the SCWG would occur immediately following adjournment of the Forum teleconference, and suggested the list confirmed there, and then reconfirmed on the July 26 Forum teleconference.
  5. Approval of Minutes of F2F meeting London June 6-7, 2018 and teleconference of June 28, 2018. The Minutes were approved and will be posted on the Public list.
  6. Validation Working Group update. Tim said the WG continued to work on its existing list of work items, and has decided it should now become a Subcommittee of the new SCWG. Kirk said the Members will discuss the process for creation of SCWG Subcommittees on the next call.
  7. Network Security Working Group update. Ben noted that the Network Security WG had a limited lifetime in its original charter (a one-year sunset date), and had hit the date and disbanded. The Members can either reconstitute it as a Subcommittee of the SCWG, or create it as its own new Working Group under the Forum’s new governance structure. The Members will discuss the possible creation of a SCWG Network Security Subcommittee on the next call.
  8. Policy Review Working Group update. Ben said the Policy Review Working Group would become a Subcommittee of the SCWG, which can be discussed on the next call. Virginia reminded the Members that the charge to any new Subcommittee must be within the scope of the Working Group’s own charter, and Ben said it would be.
  9. Governance Change Working Group. Kirk noted that Ballot 206 said that Working Groups of the Forum could continue to exist if needed until October 3, 2018, and suggested the Governance Change WG might be needed through that date to resolve any issues from the new governance structure. Dean said the WG had a big mandate and had generally completed its work, but the Members may need to look at the original Ballot authorizing the Governance Change Working Group to see if it needs to be extended.
  10. Ballot Status. Kirk said he had cleared the Forum’s own list of pending Ballots, as all the Ballots on the list looked more appropriate for work in the SCWG. They will likely be refiled there.
  11. Offer to host future F2F meetings: Kirk stated that the Forum had received two invitations for future F2F meetings: October 2020 – Tokyo (hosted by GlobalSign) and June 2021- Poland (hosted by Asseco). Kirk thanked the two companies, and said he would add the meeting information to the wiki.
  12. Any Other Business. There was no other business.
  13. Next call: July 26, 2018. Kirk said that until further notice the Forum and SCWG would continue to share the current bi-weekly time slot for teleconferences.
  14. Adjourn
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).