CA/Browser Forum
Home » All CA/Browser Forum Posts » 2018-Nov-01 Minutes of CA/Browser Forum

2018-Nov-01 Minutes of CA/Browser Forum

Attendees (in alphabetical order)

Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom Co. Ltd.), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Ryan Sleevi (Google), Shelley Brewer (Digicert), Tim Callan (Comodo CA –> Sectigo), Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).

Minutes

  1. Roll Call - The Chair took attendance.
  2. Read Antitrust Statement - The Chair read the Antitrust Statement
  3. Review Agenda - Today’s Agenda was approved.
  4. Approval of Minutes of previous meeting - The minutes of CABF F2F Meeting 45 of Oct 17, 2018 were not approved because of missing minute - We kindly ask the remaining minute takers to publish their minutes to the wiki or contact the Chair if there is a problem.
  5. Update from Informal work group on governance and Bylaws issues - Tim was not on the call, no report
  6. Follow-up on new WG Charters - Ben sent out a draft “Bylaws WG Charter” and is using that as a template for other WG charters and using notes from the last F2F, specifically about the scope of Code Signing and S/MIME WGs. He will also listen to the recordings from the F2F and circulate draft Charters for these WGs as well before our next call. He asked for volunteers to Chair these WGs and Dimitris said that they could use a temporary Chair and once the WG is approved they can elect a new Chair and Vice-Chair.
  7. Other follow-up items from F2F meeting - None.
  8. Forum Infrastructure Working Group update - Discussed about document management and identified requirements for the “canonical version” of the documents, what format should we use to support these requirements. Then the WG discussed about wiki solutions where, again, will identify some requirements, examine different options and propose recommendations back to the Forum. Dimitris mentioned that he discussed with Trevoli from Amazon about the possibility of getting a couple of VMs so that the Forum can migrate the existing servers over. Trevoli is discussing with Legal and Finance about this request.
  9. Ballot Status Ballots in Discussion Period No ballots are in a Discussion Period. Draft Ballots under Consideration No ballots under consideration.
  10. Any Other Business - None.
  11. Next call - November 15, 2018 at 11:00am Eastern Time.
  12. Adjourned
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates: Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action; Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).