CA/Browser Forum
Home » All CA/Browser Forum Posts » 2020-12-11 Minutes of the CA/Browser Forum Teleconference

2020-12-11 Minutes of the CA/Browser Forum Teleconference

Attendees

Adrian Mueller (SwissSign), Amanda Mendieta (Apple), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Christy Berghoff (Federal PKI), Curt Spann (Apple), Daniela Hood (GoDaddy), David Kluge (Google), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Patrick Nohe (GlobalSign), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Rich Smith (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority)

CA/B Forum Meeting Minutes

Administrative Updates

Dean Coclin (DigiCert) CA/B Forum Chair

  • Anti-trust statement was read
  • Agenda was published. No comments.
  • Approval of Face-to-Face 51 minutes
  • No comments. Minutes approved.

Forum Infrastructure Subcommittee

Jos Purvis (Cisco) Subcommittee Chair

  • Conversion of CA/B Forum GIT Repository into separate sub-repositories
  • All repositories created and working out final details
  • Ryan Sleevi (Google) asked for owners in email to add 2FA or ask to be removed as an owner
  • At this point, only 2 members remaining without 2FA. Ryan will send them a direct email.
  • At this point, 2FA will be enabled.
  • Jim Gorz (GoDaddy) has been preparing to move the mailer host
  • He’ll post a change date once it is available to ensure we do not have discussions or voting periods during the migration to the new host

Code Signing Certificate Working Group

Dean Coclin (DigiCert) CA/B Forum Chair

  • CSCWG-4: Review period ended. Bruce published final version and it is up and running
  • Ian McMillan (Microsoft) proposed Key Protection ballot. This is about cloud based key protection requirements. Clarification needed on log retention. USB tokens needed for that. Auditing discussed.
  • Question about clarifying timeline for 3072 bit keys. Now June 2021.
  • If root issued before 2021 and is 2048 key size, can it still be used. Ian McMillan is going to get clarity.
  • Bruce Morton (Entrust) is investigating EV vs. Non-EV requirements in BRs.

S/MIME Working Group

Stephen Davidson (DigiCert), Working Group Chair

  • Telia interested in participating in working group
  • Working group is currently at 38 members
  • Fast approaching stage of using GitHub
  • Steven will work with Infrastructure Subcommittee to use GitHub for S/MIME
  • Leaf certificate profile
  • Reviewed data within fields
  • Working on aligning format (table type) with what other working groups are using

Additional Administrative Updates

  • Member applications
  • Jos Purvis (Cisco) will follow-up with members requesting to join the CA/B Forum
  • Stephen Davidson (DigiCert) will follow up with Telia regarding the S/MIME Working Group membership request
  • Responding to Mailing List Questions
  • Dean Coclin (DigiCert) discussed the process for how to respond to the questions list. If Dean can answer administrative questions, he’ll respond immediately. If the questions are more unique or not “administrative”, he’ll ask for input from the group before sending a response.
  • Dean asked if anyone has any issues with how he’s been responding so far. No concerns were raised.
  • Next Meeting
  • The next scheduled meeting is canceled because it lands on the U.S. holiday of Thanksgiving.
  • December 10th is the now the next meeting.

Adjourned

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).