CA/Browser Forum
Home » All CA/Browser Forum Posts » 2022-08-18 Minutes of the CA/Browser Forum Teleconference

2022-08-18 Minutes of the CA/Browser Forum Teleconference

  • Opening Procedures– Dean
  • Roll Call

Attendees: Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), David Kluge (Google), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Jamie Mackey (US Federal PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Karina Sirota (Microsoft), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Michael Guenther (SwissSign), Michelle Coon (OATI), Rebecca Kelley (Apple), Roman Fischer (SwissSign), Ryan Dickson (Google), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)

  • Read Antitrust Statement- Jos Purvis

  • Review Agenda

  • Approval of minutes of last call

  • Approved

  • Forum Infrastructure Subcommittee update given by Jos Purvis

The production of the membership tool and has been turned over to Martin for code implementiation

  • Code Signing Certificate Working Group update given by Bruce Morton

  • 2 ballots approved and under review

  • Clean up ballot that closed a lot of parking lot items

  • Going to move forward with work on signing service update and the requirements

  • Making a change regarding revocation due to signing malware or key compromise

  • SMIME working group update given by Mad Henriksveen

  • Get feedback on the SMIME baeline requirements draft

  • Discussed framework approach for signature methods used for identity and we removed parts of this

  • Discussed path to ballot for the SMIME BRs- plans for September

  • NetSec Working Group given by Clint Wilson

  • Talked about ballot for redline on what cloud hosted infrastructure would mean and what the expectations are for airgapped Cas vs non-airgapped CAs

  • Any Other Business:

  • Berlin page on Wiki is open for signups and details

  • Can we add discussion from browsers about post-quantum in the next face-to-face?

  • Ben agrees that it would be good to talk about since NIST selected an algorithm. Clint further agrees.

  • Jos noted that some of the first post-quantum TLS options are being pushed in sandboxes as examples but it’s still very early.

F2F Meeting Schedule

  • 2022

  • Oct 24-26 – Berlin (Note: Meeting dates are Mon-Weds and will be

followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.

PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE

  • 2023

  • Spring TBD

  • June: Redmond, WA (Microsoft)

  • October: Portsmouth, NH (Globalsign)

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates: Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action; Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).