CA/Browser Forum
Home » Posts » 2022-10-13 Minutes of the CA/Browser Forum Teleconference

2022-10-13 Minutes of the CA/Browser Forum Teleconference

Attendees (in alphabetical order)

Aaron Poulsen (Amazon), Adam Jones (Microsoft), Bruce Morton (Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), David Kluge (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Karina Sirota (Microsoft), Kiran Tummala (Microsoft), Lynn Jeun (Visa), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Ryan Dickson (Google), Stephen Davidson (DigiCert), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services).

Minutes

1. Roll Call

The Chair took attendance

2. Read Antitrust Statement

The Antitrust Statement was read

3. Review Agenda

Today’s Agenda was approved.

4. Approval of Minutes of previous teleconference

The Minutes from September 29 were approved. We still have pending minutes from August 18 that were sent late yesterday. No objections were raised to approving those minutes as well.

5. Forum Infrastructure Subcommittee update

Jos Purvis gave the update mentioning that it was a very quick meeting to basically touch base and make sure things were okay. No update on the tasks the SC are working on.

6. Code Signing Certificate Working Group update

Bruce Morton gave the update.

  • There was a relatively brief meeting. Dean was re-elected as Chair of the WG. There was some discussion on the revocation of certificates based on malware. Martijn will be providing another update to the proposal.
  • The signing service discussion was pushed off for the F2F meeting in Berlin
  • There are some updates for Timestamping but the plan is to push those after the signing service changes have been processed.

7. S/MIME Certificate Working Group update

Stephen Davidson gave the update:

  • The WG managed to resolve an issue that has been outstanding for some time regarding the “shall” requirement to offer OCSP services. Some clarifications were received from the Microsoft Policy which is to say that it requires OCSP for TLS Certificates but does not intend to require it for non-TLS Certificates. So there will be some changes to the draft and reopen the discussion period.
  • Tomorrow the voting period for the single nomination for Vice Chair, Martijn will start.

8. Network Security Working Group update

Clint Wilson gave the update:

  • There was a quick discussion around the Vice Chair, there is one nomination for David and that’s in the discussion period. The voting period will start next week
  • Also discussed about topics and high-level agenda items for the F2F
  • Then the group will continue to work on security controls, physical, logical air-gapped CAs
  • There will be a new NetSec meeting invite sent out and shared with the WG Members following the F2F.

9. Any other business

  • Vice Chair nominations/status

  • There are 2 candidates for the Forum

  • F2F signups. There has been some extension in the number of people that can attend physically, but it does close next week.

10. Next call

Next meeting will take place at the F2F.

11. Adjourned

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed

Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates:

  • Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action;
  • Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and
  • Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).