CA/Browser Forum
Home » Posts » 2022-07-07 Minutes of the CA/Browser Forum Teleconference

2022-07-07 Minutes of the CA/Browser Forum Teleconference

1. Opening Procedures – Dean Coclin

  1. Roll Call Aaron Poulsen (Amazon), Adam Jones (Microsoft), Amanda Mendieta (Apple), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Hubert Chao (Google), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jamie Mackey (US Federal PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Li-Chun Chen (Chunghwa Telecom), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelley (Apple), Sooyoung Eo (NAVER Cloud), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Vijay Kumar (eMuhdra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
  2. Read Antitrust Statement- Jos Purvis
  3. Review Agenda
  4. Approval of minutes of last call
  • Available shortly after this call

2. Forum Infrastructure Subcommittee update given by Jos Purvis

  • Met shortly and agreed to keep moving forward
  • Ask for members to continue testing the membership tools

3. Code Signing Certificate Working Group update given by Corey Bonnell

  • CSC 14 successfully passed IPR review and become effective last Wednesday
  • Pushed back discussion on signing service requirements due to Bruce’s absense
  • Discussion on clean up ballot with minor fixes because of PanDoc format
  • Martin from Sectigo’s revocation requirements improvements ballot was discussed very briefly

4. SMIME working group update given by Stephen Davidson

  • Canceled. No Update

5. NetSec Working Group given by Clint Wilson

  • Discussed two membership applications- SSL.Com and Fastly. Both have been approved.
  • Talked about Risk Assessment- still have some work to do on the first component of the risk assessment, but it’s getting closer. Once that is done, group will move forward to next component
  • Talked about topics from the backburner
  • Talked about redline on what cloud hosted infrastructure would mean and what the expectations are for airgapped CAs

6. Any Other Business

  • Berlin page on Wiki is open for signups and details
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed

Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates:

  • Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action;
  • Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and
  • Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).