CA/Browser Forum
Home » All CA/Browser Forum Posts » 2022-08-04 Minutes of the CA/Browser Forum Teleconference

2022-08-04 Minutes of the CA/Browser Forum Teleconference

  1. Roll Call
  2. Attendance: Aaron Poulsen (Amazon Trust Services), Andrea Holland (SecureTrust), Chris Clements (Google Chrome), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin (DigiCert), Dustin Hollenback (Microsoft), Enrico Entschew (D-Trust), Fumi Yoneda (JPRS), Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jamie Mackey (GSA FPKIMA), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Kiran Tummala (Microsoft), Lynn Jeun (VISA), Mads Henriksveen (Buypass), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Mike Gunther (SwissSign), Nargis Mannan (SecureTrust), Pedro Fuentes (OISTE), Peter Miskovic (Disig), Rebecca Kelley (Apple), Ryan Dickson (Google Chrome), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM), Trevoli Ponds-White (Amazon Trust Services), Tyler Myers (GoDaddy), Vijay Manjunatha (eMudhra), Wayne Thayer (Fastly), Wendy Brown (FPKI), Yoshiro Yoneya (JPRS)
  3. Antitrust Statement read
  4. Review Agenda
  5. Meeting Minutes:
    1. July 21st minutes: Still being drafted
    2. F2F minutes: Approved.
  6. Infrastructure Subcommittee

Jos: Membership tool production rollout. Once it is up we will let people know so they can update their information. Phase 2 feature list: 1. automated membership signup of mailer lists 2. field to declare GitHub user id for CAB Forum business. Website Ben is working with GoDaddy to coordinate updating php backend from 7 to 8. The website is also getting a revamp of the template and restructuring of the content.

  1. CS WG

Dean: Visa applied as an interested party and has been approved. For signing services, Bruce is looking at turning the reformatted document to a ballot and is waiting on Ian for additional review. Timestamping has been tabled to wait for Ian from Microsoft to be back from vacation. For malware update, Martijn is waiting on comments from Tim Hollebeek then he will move forward with ballot.

  1. SMIME WG

Stephen: Exploring fringe cases of membership categories. There was a debate over the description of certificate consumer category in the charter and if a webhost provider meets the requirements. The resolution was to provide associate membership for a webhost provider that does not have a mail user agent. For the draft requirements, changes are being checked into the draft and last few items are being reviewed with the expected target for ballot within the next month.

  1. NetSec WG

Clint: Update on progress of Threat Assessment which is ongoing. Call for additional participation Wednesdays after Infrastructure meeting, ping David Kluge to join.

  1. Any Other Business:

Dean: Forum 18 has passed this allows for sitting Chairs and Vice Chairs to remain in those roles for only the Working Groups. We will be starting elections before August 30th. A proposal to have elections for all working group Vice Chairs and Forum Vice Chair on a single ballot. Then another separate ballot for Chairs. Reminder the ballot process is to send your vote via email to 2 separate auditors who will tally the votes.

Jos: Coordinating elections across the Working Groups makes things easier, so each WG won’t have to coordinate their own elections.

Inigo: Potential problem with the timing and holidays with August having many people away.

Dean: We have to follow the bylaws which state “At least 60 days prior to the expiration of the current Chair or Vice Chairs term.” October 30th is the expiration date. Plan is that on August 30th announce that nominations are open with two weeks for nominations and then a week for election which would be in September.

Inigo: That should work.

Dean: Reminder Vice Chair gets an automatic nomination to Chair on the Forum level unless they decline. Anyone can be nominated for Vice Chair or Chair there is no requirement that a person held a previous role. Please ensure that the person you nominate wants to be nominated.

  1. Next Call: August 18th
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).