CA/Browser Forum
Home » Posts » 2021-12-09 Minutes of the Server Certificate Working Group

2021-12-09 Minutes of the Server Certificate Working Group


Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris Kemmerer (, Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumihiko Yoneda (Japan Registry Services), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco Systems), Jose Guzman (GoDaddy), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Sebastian Schulz (GlobalSign), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority), Yosiaki Iida (SECOM Trust Systems), Adam Jones (Microsoft), Pekka Lahtiharju (Telia)


1. Read Antitrust Statement

Jos Purvis read the antitrust statement.

2. Roll Call

Reading of the roll was deferred to the Forum call.

3. Review Agenda

No changes were made to the agenda.

4. Approval of Minutes from Last Teleconference

The minutes from the last call were approved without changes.

5. Validation Subcommittee Update

Wayne Thayer said that the following topics were discussed on last week’s call:

  • Tim Hollebeek mentioned that SC52 version 2 was published. There was discussion about the addition of time interval calculations to the ‘conventions’ section of the BRs. Some feel that it is best to comprehensively clarify the definition of time intervals throughout the doc with this change, while others feel that the broad scope of the current ballot places too much of a burden on each CA to verify compliance.
  • Tim said that he hasn’t worked on the profiles recently.
  • Dimitris Zacharopoulos asked about removing Onion V2 address validation from the EV Guidelines. Tim said that V2 addresses are still in use. Dimitris will work with others to prepare a ballot
  • Wayne asked about method CNAME delegation to the CA and Tim said that he would send a proposal to the list.

6. NetSec Subcommittee Update

Ben Wilson said that the subcommittee discussed that the risk assessment is currently in Google sheets, but we really need a database for the task. Unfortunately we’re not aware of any inexpensive solution. Then they discussed conversion of the NetSec subcommittee to a working group. Ben has a ballot for this change ready to go into the discussion period. Ben asked if he should begin the discussion period today or wait until after the holidays. When no one responded, he said that he would start the discussion period today and try to complete voting by the 24th.

7. Ballot Status

Ballots in Discussion Period


Ballots in Voting Period


Ballots in Review Period

  • Ballot SC50: Remove the Requirements of Section 4.1.1

Draft Ballots Under Consideration

  • Ballot SC52 version 2: Specify CRL Validity Intervals in Seconds (Tim)

Wayne said that Tim published a new version of the ballot that incorporates clarifications drafted by Aaron Gable last week. Other than the disagreement mentioned earlier in the call about the scope of the change, there are no open comments, so Wayne said that he expects Tim to begin voting soon.

8. Any Other Business


9. Next call (after US Christmas holiday): January 6th, 2022 at 11AM Eastern

Adjourn; Immediately convene meeting of CA Browser Forum(same call)

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).