CA/Browser Forum
Home » All CA/Browser Forum Posts » 2019-07-11 Minutes of the Server Certificate Working Group

2019-07-11 Minutes of the Server Certificate Working Group

Attendees (in alphabetical order)

Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Geoff Keating (Apple), Gordon Bock (Microsoft), Huo Haitao (Halton) (360 Browser), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Mads Henriksveen (Buypass AS), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi (Google), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).

Minutes

1. Roll Call

The Chair took attendance

2. Read Antitrust Statement

The Antitrust Statement was read

3. Review Agenda

The Agenda was approved.

4. Approval of minutes from previous teleconference

The minutes from the previous teleconference were approved and will be circulated to the public list.

5. Validation Subcommittee Update

The Subcommittee did not meet due to US holiday.

6. NetSec Subcommittee Update

The Subcommittee discussed about ballots SC20 and SC21 and how to improve the language. They also discussed about the pain points and the document restructuring task tried to create a different table format and renumbering of the NSRs.

7. Ballot Status

No further discussion on ballots under consideration

Ballots in Discussion Period

None

Ballots in Voting Period

None

Ballots in Review Period

Draft Ballots under Consideration

Improvements for Method 6, website control (Tim H.) No additional comments _ SC20 Ballot (NSR 2): System Configuration Management_ (Ben) No additional comments

SC21 Ballot (NSR 3): Log Integrity Controls (Ben) No additional comments

8. Approval of F2F 47 Minutes

Dimitris mentioned that at least one member requested more time to review and offer corrections to some specific sessions so the F2F minutes would not be considered for approval at this meeting. Hopefully the minutes will be updated soon and circulated again so they can be considered for approval at the next scheduled teleconference.

9. Any Other Business

Dean asked for some clarifications on a question that was submitted in the questions list. Ryan responded that the person that submitted the question has probably misunderstood the requirement. Dean said he would draft an answer and send it to Ryan for comments and feedback. If we consider this language to be problematic, someone should bring it for public discussion in the servercert-wg list.

10. Next call

July 25, 2019 at 11:00 am Eastern Time.

Adjourned

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).