CA/Browser Forum
Home » All CA/Browser Forum Posts » 2019-07-11 Minutes of the Server Certificate Working Group

2019-07-11 Minutes of the Server Certificate Working Group

Attendees (in alphabetical order)

Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Geoff Keating (Apple), Gordon Bock (Microsoft), Huo Haitao (Halton) (360 Browser), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Mads Henriksveen (Buypass AS), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi (Google), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).

Minutes

1. Roll Call

The Chair took attendance

2. Read Antitrust Statement

The Antitrust Statement was read

3. Review Agenda

The Agenda was approved.

4. Approval of minutes from previous teleconference

The minutes from the previous teleconference were approved and will be circulated to the public list.

5. Validation Subcommittee Update

The Subcommittee did not meet due to US holiday.

6. NetSec Subcommittee Update

The Subcommittee discussed about ballots SC20 and SC21 and how to improve the language. They also discussed about the pain points and the document restructuring task tried to create a different table format and renumbering of the NSRs.

7. Ballot Status

No further discussion on ballots under consideration

Ballots in Discussion Period

None

Ballots in Voting Period

None

Ballots in Review Period

Draft Ballots under Consideration

Improvements for Method 6, website control (Tim H.) No additional comments _ SC20 Ballot (NSR 2): System Configuration Management_ (Ben) No additional comments

SC21 Ballot (NSR 3): Log Integrity Controls (Ben) No additional comments

8. Approval of F2F 47 Minutes

Dimitris mentioned that at least one member requested more time to review and offer corrections to some specific sessions so the F2F minutes would not be considered for approval at this meeting. Hopefully the minutes will be updated soon and circulated again so they can be considered for approval at the next scheduled teleconference.

9. Any Other Business

Dean asked for some clarifications on a question that was submitted in the questions list. Ryan responded that the person that submitted the question has probably misunderstood the requirement. Dean said he would draft an answer and send it to Ryan for comments and feedback. If we consider this language to be problematic, someone should bring it for public discussion in the servercert-wg list.

10. Next call

July 25, 2019 at 11:00 am Eastern Time.

Adjourned

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).