CA/Browser Forum
Home » All CA/Browser Forum Posts » 2022-03-31 Minutes of the CA/Browser Forum Teleconference

2022-03-31 Minutes of the CA/Browser Forum Teleconference

Attendees

Adam Jones (Microsoft), Adrian Mueller (SwissSign), Amanda Mendieta (Apple), Ben Wilson (Mozilla), Brian Keogh (Microsoft), Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Heather Warncke (Amazon), Hogeun Yoo (NAVER Cloud), Hubert Chao (Google), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jamie Mackey (US Federal PKI Management Authority), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Miguel Sanchez (Google), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Renne Rodriguez (Apple), Ryan Dickson (Google), Sooyoung Eo (NAVER Cloud), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)Read Antitrust Statement- Jos Purvis

Minutes

Opening Procedures – Dean

  • Roll Call
  • Review Agenda

Approval of minutes of last call (3/17/2022)

  • Approved
  • Approval of minutes from face-to-face 55
  • Approved

Forum Infrastructure Subcommittee update given by Jos Purvis

  • New Membership tool code is in a private GitHub repo and being discussed and reviewed with features. It is looking promising.
  • Did DNS cutover on past Monday, which means the Forum has direct control over DNS router now. We can create DNS records for tools on our own. No issues with cutover.
  • Discussed website update. Ben has completed it, so people should review cabforum.org website and provide feedback
  • Had discussion on making manuals and flows in GitHub, including a style guide for markdown to help with best practices for ballots.

Code Signing Certificate Working Group update given by Bruce Morton

  • Closed out on ballot for weak keys and this ballot is in voting until a week from now (4/7/2022)
  • Discussion on timestamp policy- this discussion will continue next week.
  • Discussion on subscriber having issues with getting through EV code validation. This is currently being investigated to see if this will be a topic in the future.

SMIME Working Group update given by Stephen Davidson

  • At an advanced stage of the S/MIME BRs
  • Examples: exploring organizational identifier, working on ensuring that there is international coverage, clarifying the common name field and maybe the pseudonym field.
  • Started discussions on bringing this document to ballot
  • At some point in the coming weeks, the group will call a pre-ballot period for discussion for at least 30 days to read the document and review.
  • Have this completed before officer elections in the fall

NetSec Working Group given by Clint Wilson

  • Around risk assessment, specifically around assets and where assets are located and asset categories and correlating that information to risk scenarios
  • If there are individuals that are specialized in this, the group is requesting more eyes looking into the group

Any Other Business

  • If there are new members joining from your group, please fill out document on wiki to help with management list.
  • Someone is trying to scam the forum to try to join but it’s all coming from a single Gmail account. Dean is keeping an eye on it.
  • Next Meeting is April 14, 2022

F2F Meeting Schedule – 2022

  • June 6-8 – Poland (Note: Meeting dates are Mon-Weds and will be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED
  • Oct 24-26 – Berlin (Note: Meeting dates are Mon-Weds and will be followed by the CA Day and TSP event on Thurs/Fri)
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).