CA/Browser Forum
Home » All CA/Browser Forum Posts » 2019-01-10 Minutes for Server Certificate Working Group Teleconference

2019-01-10 Minutes for Server Certificate Working Group Teleconference

Attendees (in alphabetical order)

Ben Wilson (Digicert), Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Li-Chun Chen (Chunghwa Telecom), Marcelo Silva (Visa), Michelle Coon (OATI), Neil Dunbar (TrustCor Systems), Niko Carpenter (Trustwave), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden (Sectigo), Tim Callan (Sectigo), Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).

Minutes

1. Roll Call

The Chair took attendance

2. Read Antitrust Statement

The Chair read the Antitrust Statement

3. Review Agenda

The Agenda was approved.

4. Application of eMudhra for SCWG Membership

eMudhra was accepted as a Full Member to the SCWG.

5. Validation Subcommittee Update

The Validation SC met last week and discussed the ballot to remove “any other method” from IP address validation methods. A working draft of that ballot has been circulated in the validation mailing list.

The SC also spent some time to discuss ballot SC14 that is currently in discussion period on the public mailing lists.

The SC also begun to work on method 6. They will focus on improving methods for validating domains via a “piece of information” on a web site.

6. NetSec Subcommittee Update

Ben reported that the NetSec Subcommittee will meet after this call. He gave a brief summary of the topics discussed during the previous call.

7. Ballot Status

Ballots in Discussion Period

Ballot SC14: Updated Phone Validation Methods Dimitris noticed that there is a possible ambiguity about the voting and whether votes must be sent to the servercert-wg or public list or both, but there is no issue related to the discussion venue of ballots. He recommended that members use the (the public list of the SCWG) since this ballot affects the SCWG, and avoid double-posting.

Doug sent a version 2 of the ballot that removed the DNS CAA location for phone numbers while waiting for IETF’s confirmation about how to define the property tags. He also replied to a couple of comments and suggested if anyone else has comments or concerns about the ballot, to send a message to the servercert-wg mailing list as soon as possible. Once these are addressed, a version 3 will be created that will hopefully be the final one before voting.

Ballots in Review Period Ballot SC13: CAA Contact Property and Associated E-mail Validation Methods (Tim H.) Dimitris mentioned that it was brought to his attention that appendix B of that ballot had a typo in the numbering and mentioned that when we create the final version of the Baseline Requirements, this typo will be corrected and it will be clear so that everyone knows about this editorial change.

Draft Ballots under Consideration

Ballot SC7: Update IP Address Validation Methods (Wayne)No comments were made.

Improvements for Method 6, website control (Tim H.)No comments were made.

8. Any Other Business

None.

9. Next call

January 24, 2019 at 11:00 am Eastern Time.

Adjourned

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).