CA/Browser Forum
Home » All CA/Browser Forum Posts » 2018-08-09 Server Certificate Working Group Minutes

2018-08-09 Server Certificate Working Group Minutes

Minutes for Server Certificate Working Group Teleconference – 9 August 2018

  1. **Attendees/Roll Call. ** The roll call occurred on the previous Forum teleconference. See 2018-08-09 Minutes

  2. Read Antitrust Statement. Reading of the Antitrust Statement occurred on the previous Forum teleconference. See 2018-08-09 Minutes

  3. Review Agenda. Agenda was approved.

  4. Approval of Minutes of teleconference of July 26, 2018. The Minutes as amended were approved, and will be posted to the Public list. See 2018-07-26 Server Certificate Working Group Minutes

  5. Final list of Members, Associate Members, and Interested Parties – SCWG. The updated list circulated by Kirk by email on August 6, 2018 was approved and will be posted to the wiki and the Forum’s website. Kirk will make no further efforts to contact former Forum members, who can apply if they are interested in participating in the SCWG.

  6. Start of nomination period for CABF Chair and for SCWG Chair. Kirk noted that the nomination period for CABF Chair and for SCWG Chair had just opened on August 9 at 11:00 am Eastern, and will run for two weeks through August 23 at 11:00 am Eastern. The terms will run from Nov. 1, 2018 through Oct. 31, 2020. Those who wish to be nominees can enter their names on the Officer Elections page which has a link on the first page of the wiki.

  7. Status of SCWG Ballots to create Subcommittees (Validation, NetSec, Certificate Policy/Policy Review). Kirk noted that SCWG ballots were needed to create new Validation, NetSec, and Certificate Policy / Policy Review Subcommittees to replace the old Validation, NetSec, and Certificate Policy / Policy Review Working Groups of the Forum, which expire October 3. Tim said he had been busy with other projects but would come up with a ballot for the Validation Subcommittee, and Dimitris said he would also for the Certificate Policy Subcommittee.

  8. Plan for moving from Public mailing list to SCWG list. Dimitris previously proposed a plan for moving SCWG messages from the current Public list to a new SCWG Public list in an email to the Forum members. He summarized the plan as follows: We will try to automate the processes as much as possible so Members can list and update their authorized representatives who can post to the public lists and have access to the management lists and the wiki. During August, Members, Associate Members, and Interested Parties will be required to provide their official representatives and related email addresses to the Forum. This information will be included in a Google spreadsheet document, which will be maintained by the Chair and Vice Chair. Other tools will be developed, and any difference between the official list and the current mailing list will be reported to the officers.

We will start this process manually, and add features and automation over time to cut down the administrative burden of making changes. Members, Associate Members, and Interested Parties will be required to post their official representatives and related email addresses by August 31. As of September 1, if any former Member representative with posting privileges has not been listed, he or she will continue to receive emails from the Public list (but without posting rights, just like any other subscriber to the Public list), and will be removed from the Management and Questions list. The Forum’s Public list and the SCWG Public list will be mirrored on September 1 as there is only one Working Group at the present time. Both the Forum and SCWG will use the existing Management and Questions list until there are other Chartered Working Groups, at which time we will create new Management and Questions lists for each WG. The existing management and questions list of the forum will then be copied to a SCWG management and questions list.

Kirk asked if the Public and SCWG lists are mirrored now, and the answer was no. Kirk asked which list SCWG messages should be sent to in August, and Dimitris suggested posting to both lists in August, and then only to the SCWG list starting Sept. 1.

Ben asked if these changes would have an effect on or be affected by our IPR Agreement. Dimitris said no, the IPR Agreement was signed at the Forum level and applies to all WG activity as well. Once we have multiple WGs in operation, then the critical issue as to applicability of the IPR Agreement will depend on a particular Member’s “participation” on a specific WG.

    1. Ballot Status. No discussion.
  1. Any Other Business. Tim said that the legacy Validation Working Group had assigned “homework” to its members – they are to check with their companies to determine how re-directs are handled for discussion of Method 6 and possible amendments. They should communicate their findings back to the Validation Working Group.

Kirk stated briefly how he thought the October F2F meeting in Shanghai would be organized – the new Subcommittees would probably meet on Tuesday, and on Wednesday and Thursday we would start with a plenary Forum meeting, and then spend the balance of our time on a plenary Server Certificate Working Group meeting. He noted this will be a new agenda structure, and asked members to be thinking about format and topic issues in advance. He also suggested that members who need to apply for a Chinese visa to come to Shanghai should start the process soon, if they haven’t already.

  1. Next call: August 23, 2018 at 11:00 am Eastern Time.

  2. Adjourn

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).