2023-04-27 Minutes of the CA/Browser Forum Teleconference

Attendees:

Aaron Gable – (Let’s Encrypt), Adam Jones – (Microsoft), Adrian Mueller – (SwissSign), Bruce Morton – (Entrust), Chad Ehlers – (IdenTrust), Chris Clements – (Google), Clint Wilson – (Apple), Daryn Wright – (GoDaddy), Dimitris Zacharopoulos – (HARICA), Doug Beattie – (GlobalSign), Dustin Hollenback – (Microsoft), Ellie Lu – (TrustAsia Technologies, Inc.), Fumi Yoneda – (Japan Registry Services), Hogeun Yoo – (NAVER Cloud), Inigo Barreira – (Sectigo), Jamie Mackey – (US Federal PKI Management Authority), Janet Hines – (VikingCloud), Joanna Fox – (TrustCor Systems), Jos Purvis – (Fastly), Karina Sirota – (Microsoft), Marco Schambach – (IdenTrust), Martijn Katerbarg – (Sectigo), Nargis Mannan – (VikingCloud), Nate Smith – (GoDaddy), Pedro Fuentes – (OISTE Foundation), Peter Miskovic – (Disig), Rebecca Kelley – (Apple), Ryan Dickson – (Google), Sissel Hoel – (Buypass AS), Sooyoung Eo – (NAVER Cloud), Stephen Davidson – (DigiCert), Tadahiko Ito – (SECOM Trust Systems), Thomas Zermeno – (SSL.com), Tim Hollebeek – (DigiCert), Tobias Josefowitz – (Opera Software AS), Tsung-Min Kuo – (Chunghwa Telecom), Wendy Brown – (US Federal PKI Management Authority), Yoshiro Yoneya – (Japan Registry Services).

Topic: Code Signing Cert WG

• Have ballot almost done
• Did not discuss
• Did not discuss removing ssl BRs
• Independent of forum IEFT is working on removing – it is in progress key attestation

Topic: SMIME Cert WG

• Going through proposed text and clarifications for an errata ballot
• In implementation CAs have expresses enterprise As are constrained to issue identity certificates only to email domains only under their control – that to issue to external they should be using mailbox validated.
• MAY 10th! – Presentation on open source Linter from Digicert including lints for SMIME baseline requirements

Topic: Forum infra sub committee

• Reviewed status on wiki migration
• Next is dev mail server to test upgrades and integrations with
• Next is Github updates

Topic: Net Sec WG

• Redline of Net Sec requirements, 3 topic areas need separated into ballots
• Sec requirements for Root Cas air gapped systems
• Intro paragraphs to explain each section and making sure the sections match the goal
• Desired Outcomes
• Working on ballot for incorporating CCM into NSRs
• Cloud Security Alliance – changes will impact everyone so will be worked widely due to impact.
• Question on timeline – Estimate is first ballot on Air gapped netsec in 6 weeks

Topic: Bylaws changes

• Github has several open issues tagged with bylaws tag.
• Ben Wilson addressed the Bylaws items.
• Added to Bylaws 2.5 branch for upcoming ballot
• Tim is working on election changes to get everything in in the next 2 weeks.

Topic: Registration for F2F 59

• Use the link and register for in person or online.
• Agenda – Paul is working to include everything out of the ordinary
• Question about in person attendee limits, noted the wiki info needs updated
• Question about hotel information available.