CA/Browser Forum
Home » All CA/Browser Forum Posts » 2019-01-24 Minutes for Server Certificate Working Group Teleconference

2019-01-24 Minutes for Server Certificate Working Group Teleconference

Attendees (in alphabetical order)

Anna Weinberg (Apple), Arno Fiedler (D-TRUST), Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Janet Hines (Trustwave), Frank Corday (Trustwave), Geoff Keating (Apple), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Iñigo Barreira (360 Browser), Joanna Fox (GoDaddy), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Mahmud Khair (Trustwave), Michelle Coon (OATI), Neil Dunbar (TrustCor Systems), Niko Carpenter (Trustwave), Rich Smith (Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Tim Hollebeek (Digicert), Tim Shirley (Trustwave), Tomasz Nowak (Opera Software AS), Trevoli Ponds-White (Amazon), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Mozilla).

Minutes

1. Roll Call

The Chair took attendance

2. Read Antitrust Statement

The Antitrust Statement was read

3. Review Agenda

The Agenda was approved.

4. Approval of Minutes of previous teleconference

The minutes of January 10, 2019 teleconference were approved and will be posted to the Public list and the Public web site..

5. Validation Subcommittee Update

Ballot SC14 was discussed that is currently in discussion period on the public mailing list. Ballot SC7 (remove any other method from IP validation) now has 2 endorsers

The SC also begun to work on method 6 (website control). They will further discuss this on the next call and suggested people to come with ideas.

Methods 9 and 10 will come as separate ballots. There is already a ballot to remove method 9 which has known problems, with no transition period. Ryan will work on a ballot for method 10 to describe how to perform validation with TLS ALPN which is not standardized yet in IETF. The plan is to reference an explicit version number of the TLS ALPN draft.

High on the agenda next week is how to best use the validation slot at the F2F 46 meeting.

6. NetSec Subcommittee Update

Ben reported that the NetSec Subcommittee continued to review the different areas that the SC subdivided. They also looked at the terminology of the current Network Security Requirements, started looking at the risk assessment for CAs and an overall restructuring of the Network Security Requirements.

7. Ballot Status

Ballots in Discussion Period

Ballot SC14: Updated Phone Validation Methods (Doug) Doug mentioned that the seven day review period is over and he plans on starting the voting period.

Ballot SC15: Remove Validation Method Number 9 (Doug) Doug reminded that the commenting period ends on Tuesday January 29th and unless there are any concerns raised he will start the voting of that ballot as well. If anyone has any issues, please submit them as soon as possible.

Ballot SC7: Update IP Address Validation Methods (Wayne)Wayne mentioned that this ballot had been prepared for quite some time, Tim originally drafted it and he took it over recently. The ballot is in a good shape because it has been discussed extensively at the Validation Subcommittee but he encourages people to take a look at it and send comments as soon as possible.

Ballots in Review Period Ballot SC13: CAA Contact Property and Associated E-mail Validation Methods (Tim H.)

Draft Ballots under Consideration

Improvements for Method 6, website control (Tim H.): No comments were made.

8. Any Other Business

None.

9. Next call

February 7, 2019 at 11:00 am Eastern Time.

Adjourned

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).