CA/Browser Forum
Home » All CA/Browser Forum Posts » 2022-07-07 Minutes of the CA/Browser Forum Teleconference

2022-07-07 Minutes of the CA/Browser Forum Teleconference

1. Opening Procedures – Dean Coclin

  1. Roll Call Aaron Poulsen (Amazon), Adam Jones (Microsoft), Amanda Mendieta (Apple), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Hubert Chao (Google), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jamie Mackey (US Federal PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Li-Chun Chen (Chunghwa Telecom), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelley (Apple), Sooyoung Eo (NAVER Cloud), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Vijay Kumar (eMuhdra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
  2. Read Antitrust Statement- Jos Purvis
  3. Review Agenda
  4. Approval of minutes of last call
  • Available shortly after this call

2. Forum Infrastructure Subcommittee update given by Jos Purvis

  • Met shortly and agreed to keep moving forward
  • Ask for members to continue testing the membership tools

3. Code Signing Certificate Working Group update given by Corey Bonnell

  • CSC 14 successfully passed IPR review and become effective last Wednesday
  • Pushed back discussion on signing service requirements due to Bruce’s absense
  • Discussion on clean up ballot with minor fixes because of PanDoc format
  • Martin from Sectigo’s revocation requirements improvements ballot was discussed very briefly

4. SMIME working group update given by Stephen Davidson

  • Canceled. No Update

5. NetSec Working Group given by Clint Wilson

  • Discussed two membership applications- SSL.Com and Fastly. Both have been approved.
  • Talked about Risk Assessment- still have some work to do on the first component of the risk assessment, but it’s getting closer. Once that is done, group will move forward to next component
  • Talked about topics from the backburner
  • Talked about redline on what cloud hosted infrastructure would mean and what the expectations are for airgapped CAs

6. Any Other Business

  • Berlin page on Wiki is open for signups and details
Latest releases
Server Certificate Requirements
SC088v3: DNS TXT Record with Persistent Value DCV Method - Nov 11, 2025

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.12 - Ballot SMC014 - Oct 13, 2025

This ballot introduces requirements that a Certificate Issuer MUST deploy DNSSEC validation back to the IANA DNSSEC root trust anchor on all DNS queries associated with CAA record lookups performed by the Primary Network Perspective, effective March 15, 2026. The ballot is intended to maintain consistency in the S/MIME Baseline Requirements with the requirements of Ballot SC-085 which implemented identical requirements in the TLS Baseline Requirements. Note: SC-085 also introduced requirements in TLS Baseline Requirements for the use of DNSSEC in domain control validation. These requirements are automatically adopted in the S/MIME BR by the email domain control methods that include a normative reference to section 3.2.2.4 of the TLS Baseline Requirements. The draft also includes minor corrections to web links in the text. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Client Wilson (Apple) and Ashish Dhiman (GlobalSign).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).