CA/Browser Forum
Home » All CA/Browser Forum Posts » 2021-07-22 Minutes of the CA/Browser Forum Teleconference

2021-07-22 Minutes of the CA/Browser Forum Teleconference

Attendees

Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Christy Berghoff (US Federal PKI Management Authority), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Janet Hines (SecureTrust), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Michelle Coon (OATI), Mike Reilly (Microsoft), Paul van Brouwershaven (Entrust), Rebecca Kelley (Apple), Ryan Sleevi (Google), Sebastian Schulz (GlobalSign), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Mozilla), Natalia Kotliarsky (SecureTrust), Tyler Myers (GoDaddy), Fumihiko Yoneda (Japan Registry Services), Yoshiro Yoneya (Japan Registry Services), Mike Min (GoDaddy)

Minutes

Opening Procedures- Dean

  • Roll Call
  • Read Antitrust Statement
  • Review Agenda
  • Approval of minutes of last call
    • Will send out last week’s for review next week
  • Introduction of new members

Forum Infrastructure Subcommittee update given by Jos

  • Will be updating branching for version releases. Each branch will get released with version number and documents. Each branch will get tagged with the documents each branch modifies. Will only be updating as long as GitHub has been used. Should help with redline version as well.
  • We will be manually deleting branches about a week after the ballot is done, but would eventually like to do this automatically.
  • Eventually would like to move to doing automatic redlining ballot, but this is currently a manual process.
    • Ryan clarified that there is some redlining going on for certain types of docs, but not for everything and to reach out to the group if help is needed.

Code Signing Certificate Working Group update given by Bruce

  • Minute from face-to-face were approved, so those can be posted.
  • There is an issue with the audit criteria for the new document, which is causing some issues in the CCADB.
  • Ballot for cleanup and clarification has been put out. Ian is working on log data retention ballot currently
  • Decided to work on signing service in the working group, not in a subcommittee.
  • Trying to work ahead on moving the document to RFC 3647 and the new PanDoc format.

SMIME working group update given by Stephen

  • Discussed the sponsored validation profile- this is a certificate that has both organization information and personal information, e.g. an employee of an organization.

Fall F2F dates

  • October 12-14, 2021
  • Looking at Professor from Israeli University as a guest speaker

Any Other Business

None

Next call: August 5th

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates: Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action; Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).