CA/Browser Forum
Home » All CA/Browser Forum Posts » 2022-01-06 Minutes of the Server Certificate Working Group

2022-01-06 Minutes of the Server Certificate Working Group

Attendees

Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumihiko Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Israr Ahmed (E-tugra), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Vijayakumar (Vijay), Manjunatha (eMudhra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)

Minutes

1. Read Antitrust Statement

Jos Purvis read the antitrust statement.

2. Roll Call

Jos read the roll.

3. Review Agenda

No changes were made to the agenda.

4. Approval of Minutes from Last Teleconference

The minutes from the 9-December call were approved without changes.

The minutes for Face-to-Face meeting 54 as posted on the wiki were approved without changes.

5. Validation Subcommittee Update

Tim Hollebeek said that there was no meeting over the holidays so there was no update.

6. NetSec Subcommittee Update

Clint Wilson said that the subcommittee met on Tuesday and is working on transitioning to the new working group. Some items in progress stay with the Server Certificate WG and others will transition to the new WG. The risk assessment is ongoing. There is also a small ballot to update a definition in the drafting stage. The subcommittee will continue to meet until the WG commences.

Wayne Thayer asked when the WG would begin to operate. Dean Coclin said that January 15th is set as that date. Wayne mentioned that everyone who wishes to participate should send an email declaring their participation before then.

7. Ballot Status

Ballots in Discussion Period

  • Ballot SC52 version 2: Specify CRL Validity Intervals in Seconds (Tim)

Tim said the ballot has expired and a new ballot number will need to be assigned and another discussion period started.

Tim suggested that we extend the 3-week expiration for discussion periods the next time we update the bylaws. Jos suggested adding a pause button. Tim said that the purpose is to avoid having “dead” ballots, but that 90 days seems like a more reasonable limit. Tim said that he would add this to the issues list on GitHub.

Ballots in Voting Period

None

Ballots in Review Period

  • Ballot SC50: Remove the Requirements of Section 4.1.1

Jos said that the review period for this ballot had ended.

Draft Ballots Under Consideration

  • Ballot SC53: Sunset for SHA-1 OCSP Signing

Corey Bonnell said that he circulated a proposed ballot on the list prior to the holidays. Two members agreed to endorse and a ballot number has been assigned. Corey plans to begin discussion next week.

8. Any Other Business

None

9. Next call: January 20th, 2022 at 11AM Eastern

Adjourn; Immediately convene meeting of CA Browser Forum (same call)

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).