CA/Browser Forum
Home » All CA/Browser Forum Posts » 2021-07-22 Minutes of the Server Certificate Working Group

2021-07-22 Minutes of the Server Certificate Working Group

Attendees

Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Christy Berghoff (US Federal PKI Management Authority), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Janet Hines (SecureTrust), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Michelle Coon (OATI), Mike Reilly (Microsoft), Paul van Brouwershaven (Entrust), Rebecca Kelley (Apple), Ryan Sleevi (Google), Sebastian Schulz (GlobalSign), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Mozilla), Natalia Kotliarsky (SecureTrust), Tyler Myers (GoDaddy), Fumihiko Yoneda (Japan Registry Services), Yoshiro Yoneya (Japan Registry Services), Mike Min (GoDaddy)

1. Read Antitrust Statement

Jos Purvis read the antitrust statement.

2. Roll Call

Dean Coclin read the roll.

3. Review Agenda

No changes were made to the agenda.

4. Approval of minutes from last teleconference

The minutes from the last call were approved.

5. Validation Subcommittee Update

Doug Beattie said that last week’s call was short. Ryan Sleevi said that SC48 was mentioned, and members were requested to review and comment on the new certificate profiles (which can be found at https://github.com/sleevi/cabforum-docs/pull/36)

6. NetSec Subcommittee Update

Bruce Morton said that there was no meeting.

7. Ballot Status

Ballots in Discussion Period

None

Ballots in Voting Period

Ballot SC48: Domain Name and IP Address Encoding

Jos said that voting has ended. It was noted that a vote was received from Cisco after voting had ended and would not be counted.

Ballots in Review Period

  • Ballot SC47: Sunset subject:organizationalUnitName (Completes 2021-Aug-07)

Draft Ballots Under Consideration

Ballot SCXX: Debian Weak Keys (Chris)

Chris Kemmerer said that he will update the thread and ask for feedback on how to proceed.

Ballot SC34 Account Management (Tobi)

Tobi Josefowitz said he had no update this week.

8. Any Other Business

Jos said that we’re not required to approve interested party applications, but it sometimes helps to identify issues. We have received an application from emdha. Their IPR agreement is on the wiki. There were no objections to admitting emdha as an interested party.

Dean asked about the minutes for the June face-to-face. Jos said that he would publish them soon for the Wednesday and Thursday sessions. Subcommittees that met on Tuesday will need to publish the minutes from their meetings.

9. Next call

August 5th, 2021 at 11AM Eastern Adjourn; Immediately convene meeting of CA Browser Forum call (same call)

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).