CA/Browser Forum
Home » All CA/Browser Forum Posts » 2022-08-04 Minutes of the Server Certificate Working Group

2022-08-04 Minutes of the Server Certificate Working Group

Attendees

Aaron Poulsen (Amazon), Andrea Holland (SecureTrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Kiran Tummala (Microsoft), Lynn Jeun (Visa), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Michael Guenther (SwissSign), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelley (Apple), Ryan Dickson (Google), Stephen Davidson (Digicert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)

Minutes

1. Read Antitrust Statement

Jos Purvis read the antitrust statement.

2. Review Agenda

No changes were made to the agenda.

3. Approval of Minutes from Last Teleconference

The minutes from the 21-July call were approved without changes.

Jos said that the content of the Warsaw face-to-face minutes is on the wiki and complete.

Dean Coclin said that the linked presentations and attendance have been added.

Jos asked if we are ready to approve, and Wayne Thayer said we should approve.

The minutes of the face-to-face were approved, and will be published to the public mailing list.

4. Validation Subcommittee Update

Corey Bonnell said that the subcommittee met last Thursday. They spent the whole time reviewing tasks in the GitHub project, moving some to on-deck and closing others. At the next meeting we’ll prioritize the on-deck items.

5. Ballot Status

Ballots in Discussion Period

  • None

Ballots in Voting Period

  • None

Ballots in Review Period

  • None

Draft Ballots Under Consideration

  • Revival of Debian Weak Keys

Chris Kemmerer said he had a request for further discussion from Martijn Katerbarg about referencing external tools. We have a dedicated page on the website. It might be a good idea to reference those tools in the BRs, but that reference doesn’t need to be buried in section 6.1.1.3. Chris said that he is still seeking endorsers.

  • SLO/Response for CRL & OCSP Responses

David Kluge was not on the call. Clint Wilson said that there will be more discussion later today.

6. Any Other Business

  • Interested Party Review

Jos said that Tanat Tonguthaisri from Southeast Asia University in Thailand submitted the IPR agreement and will become an individual interested party.

7. Roll Call

Dean Coclin read the roll.

8. Next call: 18-August 2022 at 11AM Eastern

Adjourn; Immediately convene meeting of CA Browser Forum (same call)

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).