CA/Browser Forum
Home » All CA/Browser Forum Posts » 2020-08-05 Minutes of the S/MIME Certificate Working Group

2020-08-05 Minutes of the S/MIME Certificate Working Group

Attendees (in alphabetical order)

Matthias Wiedenhorst (ACAB’c), Arno Fiedler (Arno Fiedler ), Li-Chun Chen (Chunghwa Telecom), Tsung-Min Kuo (Chunghwa Telecom), Andreas Henschel (D-TRUST), Enrico Entschew (D-TRUST), Dean Coclin (DigiCert), Stephen Davidson (DigiCert), India Donald (Federal PKI), Wendy Brown (Federal PKI), James Knapp (Federal PKI), Hugh Mercer (GlobalSign), Atsushi Inaba (GlobalSign), Hongquan Yin (Microsoft), Mike Reilly (Microsoft), Ben Wilson (Mozilla), Hazhar Ismail (MSC Trustgate.com Sdn Bhd), Ahmad Syafiq Md Zaini (MSC Trustgate.com Sdn Bhd), Pedro Fuentes (OISTE), Patrycja Tulinska (PSW), Rich Smith (Sectigo), Chris Kemmerer (SSL.com), Thanos Vrachnos (SSL.com), Mike Guenther (SwissSign), Markus Wichmann (TeleTrust), Morad Abou Nasser (TeleTrust), Rufus Buschart (TeleTrust), Corey Bonnell (Trustwave), Janet Hines (Trustwave), David Chen (TWCA), Jeff Ward (WebTrust), Don Sheehy (WebTrust)

1. Roll Call

The Roll Call was taken.

2. Read Antitrust Statement

The Antitrust/Compliance Statement was read.

3. Review Agenda

No changes to the distributed agenda were noted.

4. Approval of minutes from last teleconference

The minutes of the July 20 teleconference were approved as distributed.

5. Approval of New Members

The declarations of the following organisations were noted:

  • Certificate Issuer: Chungwa Telecom, iTrusChina, Sectigo, SSC
  • Interested Party: TeleTrusT

A vote by consensus was agreed that the applicants met the membership requirements of the Charter, and the applicants’ membership in the SMCWG was accepted by consensus.

6. Discussion of approach and deliverables

A discussion was held on the primary deliverables described in the SMCWG Charter. It was agreed that the group would initially begin by considering certificate profiles for S/MIME end entity certificates and CA certificates.

Members were asked to continue to provide examples of known requirements and standards for S/MIME certificates for the group’s consideration. So far, examples have been provided for Mozilla’s root policy, Gmail, the U.S. Federal PKI, ETSI, BSI/ Germany, and Siemens.

It was agreed that the deliverable would take the form of RFC 3647, indicating in sections where content is to be referred from the Baseline Requirements or other standard, or similarly noting deviations/enhancements to the referred text. “No stipulation” will be used in sections where no requirement is indicated.

It was agreed that the document would move to GitHub for commenting at a later date as initial text was proposed. It was suggested that the Infrastructure Committee of the CA/Browser Forum could hold a “GitHub for nonDevelopers” training session.

6. Any Other Business

The WG was encouraged to consider, when reviewing certificate profiles, opportunities to enhance the value of S/MIME certificates in evolving uses. For example, this might include marking certificates to note where keys were generated or stored (e.g., CA, service provider, OS, app, token), among other ideas.

No other business was discussed.

7. Next call

The next call will take place on August 19, 2020 at 11:00am Eastern Time. A separate invitation has been sent to members of the SMCWG; meetings will occur every other week in weeks of the main CABF call.

Adjourned

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates: Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action; Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).