CA/Browser Forum
Home » All CA/Browser Forum Posts » 2021-07-08 Minutes of the CA/Browser Forum Teleconference

2021-07-08 Minutes of the CA/Browser Forum Teleconference

Attendees

Adrian Mueller (SwissSign), Ali Gholami (Telia), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Inaba Atsushi (GlobalSign), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Paul van Brouwershaven (Entrust), Rebecca Kelley (Apple), Ryan Sleevi (Google), Sebastian Schulz (GlobalSign), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority), Tyler Myers (GoDaddy), Fumihiko Yoneda (Japan Registry Services), Yoshiro Yoneya (Japan Registry Services)

Opening Procedures – Dean

  • Roll Call
  • Read Antitrust Statement
  • Review Agenda
  • Approval of minutes of last call
    • Approved
  • Introduction of new members

Forum Infrastructure Subcommittee update given by Jos

  • No call was initiated, should review co-hosts.
  • Infrastructure sub-committee should talk about calendars in the next call. No other discussion.

Code Signing Certificate Working Group update given by Bruce

Discussed signing services and question about sub-committee, but high level discussion overall. Will go back to the group to discuss further

SMIME working group update given by Stephen

  • Laid out 4 types of email certificates. The goal is to get the entire S/MIME certs in to an auditable certificate profile ASAP.
  • The decision making on documents is cumulative, so it’ll show up later in different areas.
  • One of the biggest issues is on the validation types, since that will be different from current ballots and will be adopted from the existing CA/b Forum standards. Does adopting EV validation mean that it will go through to the profile
  • GlobalTrust (E-commerce monitoring) has joined as a certificate member, which means there are 28 members
    • Dean: they need to go through addition steps. They will work offline.

Fall F2F dates

  • Please check calendars. A poll will go out shortly.
  • End of October there is a conflict ICANN and WS#. Dean- it won’t be that late.
  • Potential Conflicts with CA Days. People can post conflicts on a conference page on Wiki. Dimitris will share this.
  • Dean to suggest week of October 4 or week of October 11.

Any Other Business:

None

Next call: July 22

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).