2022-11-10 Minutes of the CA/Browser Forum Teleconference
Attendees (in alphabetical order)
Aaron Poulsen (Amazon), Adam Clark (Visa), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jamie Mackey (US Federal PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos Purvis (Fastly), Lynn Jeun (Visa), Mads Henriksveen (Buypass AS), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Nargis Mannan (SecureTrust), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelley (Apple), Ryan Dickson (Google), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority).
Minutes
1. Roll Call
The Chair took attendance
2. Read Antitrust Statement
The Antitrust Statement was read
3. Review Agenda
Today’s Agenda was approved.
4. Approval of Minutes of previous teleconference
There are pending draft minutes to be delivered from October 13. Dustin Hollenback will notify Karina as she was not on this call. Minutes from the last F2F are still being drafted. If you have a presentation for the Forum-level sessions, please send to Dimitris.
5. Forum Infrastructure Subcommittee update
Jos Purvis gave the update:
- There was a bug discovered in the membership tool during the registration for the face to face that led to some duplicate name registrations that’s been resolved and corrected in the records.
- Martijn is next working on quorum calculations, which is one of the last remaining manually processed items for officers.
- Mailing list management will be next to work on, potentially pending an upgrade to our mailman system.
- Inigo raised the issue that a lot of chair responsibilities were not documented. So Jos went and published some documentation and took the opportunity to offer it in the form of a potential upgrade to our wiki. The new wiki looks very promising and will be a significant upgrade. He plans to extend access to the “development” new wiki to the larger Forum Voting and Associate Member representatives. If people are interested, please send an email to Jos.
- The Subcommittee also discussed about website page upgrades and potentially restructuring content. The goal is to preserve the long standing links https://cabrorum/org/….documents but provide pointers to the separate pages of the working groups rather than trying to maintain two copies of all the documents or two copies of the links for all the documents for all working groups.
Ben added that he worked with GoDaddy admins to upgrade the PHP from 7.4 to 8.0. The WordPress “theme” is incompatible with the new PHP version. We probably need to change the theme which means there will be a new “look and feel” of the website. If anyone has WordPress experience, knows a good theme that also works for mobile devices, please reach out to Ben.
Dimitris asked if we still have the dev wordpress site available for testing the new theme. Ben replied that he can test the new theme on-the-fly and switch it back if it doesn’t work well. The current theme is called “sahitha”.
On a different subject, Wayne mentioned that with the change of Chairs and Vice Chairs, there is some automation built on GitHub that allows officers to approve Pull Requests against their respective WGs. Permissions need to change and we are already in progress with this task. Paul received an invite which has been accepted and it looks like Kiran and David have pending invitations.
Jos added that during the transition, access to some GoogleDocs (e.g. the ones tracking ballots) needed to be reassigned.
Dimitris thanked the Infrastructure Subcommittee, lots of improvements since we started years ago.
6. Code Signing Certificate Working Group update
Bruce Morton gave the update:
- The main topic of discussion was the signing services update. There is a “base update” which is out for a last review and soliciting some endorders. And when that’s through, then we’ll look at some more complicated changes that we want to make on signing services.
7. S/MIME Certificate Working Group update
Martijn Katerbarg gave the update:
- The SMBRs ballot has passed and we are in the 60-day IPR review period
- The group discussed about a couple of potential future changes or improvements. As the group gains additional experience it will tackle any potential issues that may come up once the implementation phase starts by various CAs over the next few months.
8. Network Security Working Group update
Clint Wilson gave the update:
- There is a new calendar invite so Members of the WG should check the new link on the Member’s wiki
- Primarily the discussion was over the redline of the air-gapped CA logical and physical security requirements. Already completed a first pass. The group basically identified how the new security controls map to the old and will be doing the inverse next time, making sure the language is consistent.
9. Any other business
There is a proposal to cancel the November 24 teleconference due to a US holiday (Thanksgiving). No objections were raised so the November 24 meeting is cancelled.
There was also agreement to reverse the order of the meetings between the Forum and the Server Certificate WG.
Dimitris is also working with Paul to present a plan of tasks/actions for the next 2-years at the next meeting.
10. Next call
Next meeting will take place at December 8, 2022 at 11:00 am Eastern Time.