CA/Browser Forum
Home » Posts » 2023-07-06 Minutes of the CA/Browser Forum Teleconference

2023-07-06 Minutes of the CA/Browser Forum Teleconference

Minutes prepared by Iñigo Barreira (Sectigo).

Final meeting minutes of the Forum Call on July 6th

  1. Begin Recording – Roll Call

Named all the attendees.

Abdul Hakeem Putra – (MSC Trustgate Sdn Bhd), Abhishek Bhat – (eMudhra), Adam Jones – (Microsoft), Andrea Holland – (VikingCloud), Ben Wilson – (Mozilla), Brianca Martin – (Amazon), Chris Clements – (Google), Clint Wilson – (Apple), Corey Bonnell – (DigiCert), Corey Rasmussen – (OATI), Daryn Wright – (GoDaddy), Dimitris Zacharopoulos – (HARICA), Dustin Hollenback – (Microsoft), Enrico Entschew – (D-TRUST), Eva Vansteenberge – (GlobalSign), Fumi Yoneda – (Japan Registry Services), Inaba Atsushi – (GlobalSign), Inigo Barreira – (Sectigo), Janet Hines – (VikingCloud), Jos Purvis – (Fastly), Keshava Nagaraju – (eMudhra), Lynn Jeun – (Visa), Mads Henriksveen – (Buypass AS), Marcelo Silva – (Visa), Marco Schambach – (IdenTrust), Martijn Katerbarg – (Sectigo), Michelle Coon – (OATI), Nargis Mannan – (VikingCloud), Nate Smith – (GoDaddy), Nicol So – (CommScope), Paul van Brouwershaven – (Entrust), Pedro Fuentes – (OISTE Foundation), Peter Miskovic – (Disig), Rebecca Kelley – (Apple), RIch Smith – (DigiCert), Rollin Yu – (TrustAsia Technologies, Inc.), Roman Fischer – (SwissSign), Ryan Dickson – (Google), Scott Rea – (eMudhra), Stephen Davidson – (DigiCert), Tadahiko Ito – (SECOM Trust Systems), Thomas Zermeno – (SSL.com), Tobias Josefowitz – (Opera Software AS), Trevoli Ponds-White – (Amazon), Wayne Thayer – (Fastly), Yashwanth TM – (eMudhra).

  1. Read note-well

Note well read

  1. Review of Agenda

Agenda reviewed and approved

  1. Approval of minutes from the June 22 Teleconference (circulated June 27)

Approved

  1. Review of minutes from F2F#59 (still missing some presentations and minutes from one session)

Still missing some presentations and minutes. Need to update the attendance of the second day. Note takers to present the minutes.

Dimitris mentioned that uploaded some minutes received lately by Microsoft but can´t get the presentations so will go without the presentations. Still waiting for the SCWG charter update but will check the recording and once done can be approved in 2 weeks.

Question from Nicol about registering the attendance each day of the meeting. Paul tried to clarify how this works for this particular issue but it´s everyone´s duty to verify it.

  1. Server Certificate Working Group update (Inigo)

Updated provided by Iñigo for the SCWG and for validation SC. During the SCWG, we talked about a new member applicant, and mainly focused on the different slots for the SCWG and Forum calls. Dimitris is collecting all options but looks like the SCWG will keep this slot and maybe the Forum will move to a different one. In any case, all options will be included for the poll. Also mentioned the ongoing ballots and their status.

Regarding the validation SC, it continued the discussions on the Multi-Perspective Domain Validation and also on the delegation of the validation of domains. Corey provided a short adding to this update indicating that a couple of volunteers will come up with a threat model for this delegation.

  1. Code Signing Certificate Working Group update (Dean or Bruce)

Corey provided an update. Dean asked Corey to provide a summary. Not much discussion because some key people were absent. The main ones were the CSC18 ballot to be effective on April next year. Also to remove the TLS BRs references. High risk time stampings, EV certificate changes, transparency and x509 update were in the agenda but not touched due to have very few people on the call

  1. S/MIME Certificate Working Group update (Stephen)

We´re on te ballot voting period for CSC3 for correction and clarifications. Deal with a number of things like, KU, LEI, etc. Some clarifications on different interpretations. Closing is next Wednesday, so go to vote on that ballot. It includes the definition of the extant CAs, for replacing existing issuing CAs.

  1. Forum Infrastructure Subcommittee update (Jos)

We met last week and talk through the project list in the wiki. Working on process of tracking attendance for members in meetings using the members tool using the Webex API. And also to extend to remind people that have not attended and rely on organizations. Also on fixing automated tools in github for example for section 7 of the BRs, and need to dig into the tool to see if it’s possible to fix or figure out what to do

  1. NetSec Working Group update (Clint)

Our meeting was scheduled for 4th and thus canceled.

  1. Bylaws changes Ballot Forum-18 v3 (Dimitris)

It´s in discussion period. Dimitris indicated a minimal comment, but it´s ok now and just waiting for more comments and move to voting period

  1. SCWG charter update (Ben)

Attendance tracking and participation metrics. Ben is playing with some formulas, for voting, if have attended to meetings, membership, … the idea is to have members attending and participating, so the idea is to let them know that if not have participated contact them to know if they continue to participate, vote, etc.

  1. Any Other Business

Next F2f is in NH in US in October hosted by Globalsign. The agenda is already in the wiki. Contact Paul for feedback.

Dimitris: Secom has confirmed hosting a F2F meeting in Japan in summer 2025 and will be reflected in the wiki

Trev: to have time after the browser update to make questions. 30 minutes is a realistic time for this. And if not possible, then we can have time on thursday

Paul: Thursday at the end can have additional item for this. During Tuesday there will be an open mic to give a chance for change. But can be 10 minutes, not need to be 30.

Trev: 10 minutes will be ok

Paul: everyone has 15 minutes except Cisco, or 30 minutes except Cisco, not sure now.

Paul: have 15 minutes at the end of that

Dimitris: when the agenda is drafted is required browser to make an estimation of the time needed for each presentation. Will expect presenters to ask for more time if needed, if not, the default is 15 minutes.

Trev: one browser may have more stuff or different stuff that you need to ask for example other browsers how about that.

Dimitris: have an slot for extra presentations after the regular presentations

Paul: ask for more time than needed. Give the browser more time by default. The agenda is in early draft so provide feedback to have more detail

  1. Next call: July 20, 2023
  2. Adjourn
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed

Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates:

  • Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action;
  • Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and
  • Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).