CA/Browser Forum
Home » All CA/Browser Forum Posts » 2022-09-01 Minutes of the Server Certificate Working Group

2022-09-01 Minutes of the Server Certificate Working Group

Attendees

Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos Purvis (Fastly), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lynn Jeun (Visa), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelley (Apple), Ryan Dickson (Google), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Trevoli Ponds-White (Amazon), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)

Minutes

1. Read Antitrust Statement

Jos Purvis read the antitrust statement.

2. Review Agenda

No changes were made to the agenda.

3. Approval of Minutes from Last Teleconference

The minutes from the 18-August call were approved without changes.

4. Validation Subcommittee Update

Corey Bonnell said that the subcommittee had a productive meeting last week. There were two main topics, first being the review of two PRs for the certificate profiles ballot: adding “Pending Prohibition” as a defined term, and setting an effective date for the changes. The second main topic was preliminary discussions on the relationship between Subscriber/Applicant and CA when they are the same entity. In the next meeting the plan is to review BR sections where the term Applicant is used to see what can be done to clarify these relationships.

5. Ballot Status

Ballots in Discussion Period

  • None

Ballots in Voting Period

  • None

Ballots in Review Period

  • None

Draft Ballots Under Consideration

  • Revival of Debian Weak Keys

Chris Kemmerer said that Roman from SwissSign asked a question that had been previously answered about the ballot language. Chris plans to repost the ballot along with a plea for endorsers. Further discussion can occur during the formal discussion period.

  • SLO/Response for CRL & OCSP Responses

Clint Wilson said that they are planning to survey CAs via CCADB and use the responses to shape the ballot. The survey will be crafted in an upcoming meeting.

6. Any Other Business

  • Election of Chair / Vice Chair

Jos said that he is not running for reelection. Please consider nominating someone!

Doug Beattie said that he will also not run for chair.

Jos reminded everyone that you should not nominate someone without first gaining their approval to do so.

  • Interested Party Membership Applications: Baker Tilly and NENA

Jos said that both IPR agreements have been submitted and we have confirmed the authority of the signers.

Dean Coclin said that both applications are in order. No objections were raised.

  • CRL revocation reason codes

Ben said that he had posted a ‘CRL revocation reason code’ ballot proposal to the list and has one endorser. He is seeking an additional endorser.

7. Roll Call

Dean Coclin read the roll.

8. Next call: 15-September 2022 at 11AM Eastern

Adjourn; Immediately convene meeting of CA Browser Forum (same call)

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).