CA/Browser Forum
Home » All CA/Browser Forum Posts » 2022-04-21 Minutes of the Code Signing Certificate Working Group

2022-04-21 Minutes of the Code Signing Certificate Working Group

Attendees

Atsushi Inaba (GlobalSign), Ben Wilson (Mozilla), Bruce Morton (Entrust), Corey Bonnell (DigiCert), Dimitris Zacharopoulos (HARICA), Ian McMillan (Microsoft), Inigo Barreira (Sectigo), Joanna Fox (TrustCor), Martijn Katerbarg (Sectigo), Michael Sykes (SSL.com), Roberto Quinones (Intel), Tim Crawford (CPA Canada/WebTrust)

Minutes

Antitrust Statement: Read by Bruce Morton

Minute Taker: Martijn Katerbarg

Minutes of the April 7th meeting were approved.

Ballot for CSBR Format Change

There was a discussion on when the discussion period for the format change should start and whether we should wait until the IPR review period of ballot CSC-13 has completed or not.

Dimitris mentioned we might need 2 redlined versions if we do, one in case the IPR period completes successfully, and one if it doesn’t. The group agrees this seem like a lot of extra work and not the way we want to move forward.

There was consensus on that we could start drafting the ballot and start a two week pre-ballot discussion based on that, after which the IPR review period of CSC-13 has passed. After this, a 7 day official discussion period can be started. Corey will take this and move forward in this way.

A question followed on how we created the redline when we did the format change on the TLS BRs. Dimitris referred to where a mapping document was used to make the conversion table.

Ballot for High Risk (Bruce/Ian)

Ian brought up our High Risk language. The way it’s written at current, doesn’t make sense with the changes CSC-13 will bring come November 15. Bruce previously sent a draft for simplified language to Ian. Bruce described the changes and will be sending the draft out to the mailing list for everybody to review.

The goal is to resolve this conflict before November 15th, with a ballot process starting when the CSBR Format Change has been completed.

Other Business

Except for a quick additional comment on the CSBR Format Change item, there was no Other Business.

The next meeting is set for May 5th.

Adjourned

Latest releases
Server Certificate Requirements
BRs/2.1.2 SC-080 V3: Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods - Dec 16, 2024

Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contact… (https://github.com/cabforum/servercert/pull/560) Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods” (https://github.com/cabforum/servercert/pull/555)

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.8 - Ballot SMC010 - Dec 23, 2024

This ballot adopts Multi-Perspective Issuance Corroboration (MPIC) for CAs when conducting Email Domain Control Validation (DCV) and Certification Authority Authorization (CAA) checks for S/MIME Certificates. The Ballot adopts the MPIC implementation consistent with the TLS Baseline Requirements. Acknowledging that some S/MIME CAs with no TLS operations may require additional time to deploy MPIC, the Ballot has a Compliance Date of May 15, 2025. Following that date the implementation timeline described in TLS BR section 3.2.2.9 applies. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ashish Dhiman (GlobalSign) and Nicolas Lidzborski (Google).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Code Signing Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).