CA/Browser Forum
Home » All CA/Browser Forum Posts » 2023-07-20 Minutes of the CA/Browser Forum Teleconference

2023-07-20 Minutes of the CA/Browser Forum Teleconference

Minutes prepared by Andrea Holland (VikingCloud).

CAB Forum Meeting: July 20, 2023

Attendance

Aaron Gable – (Let’s Encrypt), Aaron Poulsen – (Amazon), Abdul Hakeem Putra – (MSC Trustgate Sdn Bhd), Abhishek Bhat – (eMudhra), Adam Clark – (Visa), Adam Jones – (Microsoft), Andrea Holland – (VikingCloud), Ben Wilson – (Mozilla), Bruce Morton – (Entrust), Chad Ehlers – (IdenTrust), Chris Clements – (Google), Clint Wilson – (Apple), Corey Bonnell – (DigiCert), Daryn Wright – (GoDaddy), Dean Coclin – (DigiCert), Dimitris Zacharopoulos – (HARICA), Doug Beattie – (GlobalSign), Dustin Hollenback – (Microsoft), Eva Vansteenberge – (GlobalSign), Fumi Yoneda – (Japan Registry Services), Inaba Atsushi – (GlobalSign), Inigo Barreira – (Sectigo), Jamie Mackey – (US Federal PKI Management Authority), Joanna Fox – (TrustCor Systems), Jos Purvis – (Fastly), Lynn Jeun – (Visa), Marcelo Silva – (Visa), Marco Schambach – (IdenTrust), Michelle Coon – (OATI), Miguel Sanchez – (Google), Nargis Mannan – (VikingCloud), Nate Smith – (GoDaddy), Nicol So – (CommScope), Pedro Fuentes – (OISTE Foundation), Peter Miskovic – (Disig), Rebecca Kelley – (Apple), Rollin Yu – (TrustAsia Technologies, Inc.), Roman Fischer – (SwissSign), Ryan Dickson – (Google), Tadahiko Ito – (SECOM Trust Systems), Thomas Zermeno – (SSL.com), Tim Hollebeek – (DigiCert), Tobias Josefowitz – (Opera Software AS), Wayne Thayer – (Fastly), Wendy Brown – (US Federal PKI Management Authority), Yoshiro Yoneya – (Japan Registry Services).** **

Minutes

  1. Note-well: Dimitris Z. read.
  2. Approval of minutes:

– July 6 minutes approved.

– F2F 59 minutes approved.

  1. SCWG – Inigo B.

– Discussed open issues in GitHub which need labels to help focus on items for the cleanup ballot.

– Ballots

  1. SC59 – Weak Keys Guidance: Failed.
  2. SC63 – Make OCSP optional, require CRLs, incentivize automation: Passed and in IPR review.

– Validation Subcommittee

  1. Discussed Multi Perspective Domain Validation.

  2. Princeton University in process of signing IPR.

  3. Domain validation threat modeling team are defining the framework.

  4. CSWG – Dean C.

– Remove TLS BR references and which x.509 reference to use – ballot in discussion period.

– Other open issues are waiting on Ian to return.

– Adobe requested as Interested Party – will be discussing it next meeting.

  1. SMIME WG – Tim H.

– Not much activity until SMIME BRs deadline has passed in September.

– For meetings until September we will be discussing any BR items that need interpretation or items that need to be clarified.

– One item discussed – Can a QIIS be used for phone numbers for organizations like EV Guidelines allow? Interpretation is yes, it is allowed and this will have later be clarified.

  1. Forum Infrastructure Subcommittee – Jos P.

– Reviewed the current project list.

– Resolution for fixing up table issues in BR.

  1. Document markdown guidelines page created on the wiki.
  2. This is a collaborative resource for everyone to use and provide assistance.

– Attendance tracking question is in a holding pattern.

– On-boarding instruction path is next to review the process.

– Modifications to analytics for CAB Forum website

  1. Past analytics was more detailed collected user information, but hasn’t been working for a long time.
  2. Reviewed analytics use and decided that only a simple analytics is needed on stats of pages viewed and what parts are viewed to provide an understanding of what content/resources are useful.
  3. New analytics plugin does not collect user information only page view analytics.

– Dimitris Z.– will reach out to Martijn about handling tracking votes and member tool portal to make sure the voting representative is who casts the vote. This process is currently manual.

  1. NetSec WG – Clint W.

– 2 ballots are in progress

  1. CSA/CCM incorporation of section 4 – text is ready for review and will be shared on all WGs mailing lists.

  2. Restructuring and reformatting – text is in progress, hopefully ready before next meeting.

  3. Ballots

– Forum-18 – Update CA/B Forum Bylaws to version 2.5: Passed

  1. Dimitris is checking on if it requires IPR review.

  2. Will notify on forum’s public mailing list.

  3. Request that all WG chairs review to make sure they follow the new rules.

  4. SCWG charter – defer to next meeting.

  5. Any Other

– Reminder for February 26-28 F2F in India the dates are Monday – Wednesday.

– October F2F in Portsmouth, NH – hotel information has been added, please register.

  1. Next Meeting – August 3
  2. Adjourned
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).