CA/Browser Forum
Home » All CA/Browser Forum Posts » 2023-01-19 Minutes of the CA/Browser Forum Teleconference

2023-01-19 Minutes of the CA/Browser Forum Teleconference

Meeting of the CA/Browser Forum

January 19, 2023

Attendance reviewed by Paul Van Brouwershaven: Aaron Poulsen – Amazon Trust Services, Adam Jones – Microsoft, Andrea Holland – VikingCloud, Atsushi Inaba – GlobalSign, Bruce Morton – Entrust, Ben Wilson – Mozilla, Chris Clements – Google Chrome, Chris Kemmerer – SSL.com, Cassie L’Heureux – GoDaddy, Clint Wilson – Apple, Corey Bonnell – DigiCert, Corey Rasmussen – OATI, Daryn Wright – GoDaddy, Doug Beattie – GlobalSign, Dustin Hollenback – Microsoft, Dimitris Zacharopoulos – HARICA, Ellie Lu – TrustAsia, Enrico Entschew – D-TRUST/ Bundesdruckerei, Lynn Jeun – VISA, Iñigo Barreira – Sectigo, Janet Hines – VikingCloud, Joanna Fox – TrustCor, Jozef Nigut – Disig, Karina Sirota Goodley – Microsoft, Kiran Tummala – Microsoft, Martijn Katerbarg – Sectigo, Michelle Coon – OATI, Miguel Sanchez – Google, Marco Schambach – IdenTrust, Marcelo Silva – Visa, Nargis Mannan – VikingCloud, Paul van Brouwershaven – Entrust, Pedro Fuentes – OISTE, Rebecca Kelley – Apple, Rollin Yu – TrustAsia, Ryan Dickson – Google Chrome, Steven Deitte – GoDaddy, Steve Topletz – Cisco, Tadahiko Ito – SECOM, Tim Hollebeek – DigiCert, Tobias Josefowitz – Opera, Trevoli Ponds-White – Amazon Trust Services, Wayne Thayer – Fastly, Fumi Yoneda – JPRS, and Yoshiro Yoneya – JPRS

Antitrust Statement read by Paul van Brouwershaven.

Review of Agenda: There were no additions.

Approval of Minutes from Last Call of January 5, 2023: minutes were approved.

Next minute-taker – Bruce Morton (February 2, 2023)

Forum Infrastructure Subcommittee update – Corey Bonnell said two main topics were discussed-wiki migration beginning in February and replacement of some GitHub tooling for generating PDF and Word documents that is being deprecated. Ben also mentioned that he had added minutes pages for working groups to the website.

Code Signing Certificate Working Group update – Janet Hines said the group worked on alternate language for the ballot on malware revocations that they would be discussing next week. Also, in section 7.1.4.2.3 there are references to the SSL/TLS Baseline Requirements that need to be removed.

S/MIME Certificate Working Group update – Martijn Katerbarg said that they were working to incorporate some requirements (not before the effective date, but sometime early in 2024). Mozilla’s potential adoption of the S/MIME BRs was also discussed.

Network Security Working Group update – Ben Wilson said that the cloud computing sub-group was reviewing the Cloud Security Alliance’s security controls matrix, and on the last NetSec WG call they developed some narrative guidance language to proceed each of the four major sections of the Network and Certificate System Security Requirements.

**Any other business: **None

Next Meeting: February 2, 2023

**Upcoming face-to-face meetings: **

****** Entrust is hosting in Ottawa, ON – February 28 – March 2, 2023 (please make sure you register!);

June 6-8, 2023 – Redmond, WA – Microsoft; and

October 3-5, 2023 – Portsmouth, NH – GlobalSign

Meeting adjourned.

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).