2022-08-18 Minutes of the CA/Browser Forum Teleconference
- Opening Procedures– Dean
- Roll Call
Attendees: Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), David Kluge (Google), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Jamie Mackey (US Federal PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Karina Sirota (Microsoft), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Michael Guenther (SwissSign), Michelle Coon (OATI), Rebecca Kelley (Apple), Roman Fischer (SwissSign), Ryan Dickson (Google), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
Read Antitrust Statement- Jos Purvis
Review Agenda
Approval of minutes of last call
Approved
Forum Infrastructure Subcommittee update given by Jos Purvis
The production of the membership tool and has been turned over to Martin for code implementiation
Code Signing Certificate Working Group update given by Bruce Morton
2 ballots approved and under review
Clean up ballot that closed a lot of parking lot items
Going to move forward with work on signing service update and the requirements
Making a change regarding revocation due to signing malware or key compromise
SMIME working group update given by Mad Henriksveen
Get feedback on the SMIME baeline requirements draft
Discussed framework approach for signature methods used for identity and we removed parts of this
Discussed path to ballot for the SMIME BRs- plans for September
NetSec Working Group given by Clint Wilson
Talked about ballot for redline on what cloud hosted infrastructure would mean and what the expectations are for airgapped Cas vs non-airgapped CAs
Any Other Business:
Berlin page on Wiki is open for signups and details
Can we add discussion from browsers about post-quantum in the next face-to-face?
Ben agrees that it would be good to talk about since NIST selected an algorithm. Clint further agrees.
Jos noted that some of the first post-quantum TLS options are being pushed in sandboxes as examples but it’s still very early.
F2F Meeting Schedule
2022
Oct 24-26 – Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE
2023
Spring TBD
June: Redmond, WA (Microsoft)
October: Portsmouth, NH (Globalsign)