CA/Browser Forum
Home » All CA/Browser Forum Posts » 2019-06-27 Minutes of the Server Certificate Working Group

2019-06-27 Minutes of the Server Certificate Working Group

Attendees (in alphabetical order)

Ben Wilson (Digicert), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Mariusz Kondratowicz (Opera Software AS), Michelle Coon (OATI), Neil Dunbar (TrustCor Systems), Robin Alden (Sectigo), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla).

Minutes

1. Roll Call

The Vice-Chair took attendance

2. Read Antitrust Statement

The Antitrust Statement was read

3. Review Agenda

The Agenda was approved.

4. Approval of minutes from previous teleconference

The minutes from the previous teleconference were approved and will be circulated to the public list.

5. Validation Subcommittee Update

Tim gave the report. It was a short meeting discussing the action items from the last F2F meeting. There will be a couple of ballot coming out soon.

6. NetSec Subcommittee Update

The Subcommittee has not met yet after the F2F so there is no update. Kirk asked what was next on the agenda and order of work for the subcommittee. Ben didn’t have this information ready and would get back with that information later.

7. Ballot Status

Tim H. noticed that ballot SC17 had cleared the review period but GitHub hadn’t been updated. Wayne responded that on the web site there is an updated version of the EV guidelines including SC17, Dimitris probably hasn’t updated GitHub yet. Wayne pointed out that this doesn’t affect the effectiveness of ballot SC17, people can rely on the published version on the web site.

Ballots in Discussion Period

None

Ballots in Voting Period

None

Ballots in Review Period

Draft Ballots under Consideration

Improvements for Method 6, website control (Tim H.) No additional comments _ SC20 Ballot (NSR 2): System Configuration Management_ (Ben) No additional comments

SC21 Ballot (NSR 3): Log Integrity Controls (Ben) No additional comments

8. Review of F2F 47 Minutes

Wayne reminded members about the email Dimitris sent to the Management list with some instructions and tips on getting the minutes prepared, so we can approve them at the next teleconference.

9. Any Other Business

None.

10. Next call

July 11, 2019 at 11:00 am Eastern Time.

Adjourned

Latest releases
Server Certificate Requirements
BRs/2.1.2 SC-080 V3: Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods - Dec 16, 2024

Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contact… (https://github.com/cabforum/servercert/pull/560) Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods” (https://github.com/cabforum/servercert/pull/555)

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.8 - Ballot SMC010 - Dec 23, 2024

This ballot adopts Multi-Perspective Issuance Corroboration (MPIC) for CAs when conducting Email Domain Control Validation (DCV) and Certification Authority Authorization (CAA) checks for S/MIME Certificates. The Ballot adopts the MPIC implementation consistent with the TLS Baseline Requirements. Acknowledging that some S/MIME CAs with no TLS operations may require additional time to deploy MPIC, the Ballot has a Compliance Date of May 15, 2025. Following that date the implementation timeline described in TLS BR section 3.2.2.9 applies. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ashish Dhiman (GlobalSign) and Nicolas Lidzborski (Google).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Minutes Server Certificates
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).