CA/Browser Forum
Home » Posts » 2023-07-20 Minutes of the Server Certificate Working Group

2023-07-20 Minutes of the Server Certificate Working Group

ServerCert WG Meeting: July 20, 2023

Attendance (from WebEx)

Aaron Gable – (Let’s Encrypt), Aaron Poulsen – (Amazon), Abdul Hakeem Putra – (MSC Trustgate Sdn Bhd), Abhishek Bhat – (eMudhra), Adam Clark – (Visa), Adam Jones – (Microsoft), Andrea Holland – (VikingCloud), Ben Wilson – (Mozilla), Bruce Morton – (Entrust), Chad Ehlers – (IdenTrust), Chris Clements – (Google), Clint Wilson – (Apple), Corey Bonnell – (DigiCert), Daryn Wright – (GoDaddy), Dean Coclin – (DigiCert), Dimitris Zacharopoulos – (HARICA), Doug Beattie – (GlobalSign), Dustin Hollenback – (Microsoft), Eva Vansteenberge – (GlobalSign), Fumi Yoneda – (Japan Registry Services), Inaba Atsushi – (GlobalSign), Inigo Barreira – (Sectigo), Jamie Mackey – (US Federal PKI Management Authority), Joanna Fox – (TrustCor Systems), Jos Purvis – (Fastly), Lynn Jeun – (Visa), Marcelo Silva – (Visa), Marco Schambach – (IdenTrust), Michelle Coon – (OATI), Miguel Sanchez – (Google), Nargis Mannan – (VikingCloud), Nate Smith – (GoDaddy), Nicol So – (CommScope), Pedro Fuentes – (OISTE Foundation), Peter Miskovic – (Disig), Rebecca Kelley – (Apple), Rollin Yu – (TrustAsia Technologies, Inc.), Roman Fischer – (SwissSign), Ryan Dickson – (Google), Tadahiko Ito – (SECOM Trust Systems), Thomas Zermeno – (SSL.com), Tim Hollebeek – (DigiCert), Tobias Josefowitz – (Opera Software AS), Wayne Thayer – (Fastly), Wendy Brown – (US Federal PKI Management Authority), Yoshiro Yoneya – (Japan Registry Services).

Minutes

  1. Note-well: Read in previous meeting.
  2. Approval of minutes:
  • F2F 59 minutes approved.
  • July 6 minutes approved.
  1. GitHub Open issues
  • 8 remaining open, three are 2-3 years old – request owners to review.
  • 11 open pull requests, three are 4-6 years old – request owners to review.
  • EVGs to RFC 3647 format – draft version is ready for suggestions and comments.
  1. Ballots
  • SC63 – Make OCSP optional, require CRLs, incentivize automation: Passed and in IPR review.
  • SC59 – Weak Keys Guidance: Failed.
  • Overall, more discussion was requested.
  • Follow up discussions are on the mailing list.
  1. Any Other Business
  2. Next call: August 3
  • Wayne and Dimitris agreed to handle calls on August 3 and August 17 as Inigo is away.
  1. Adjourn
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed

Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates:

  • Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action;
  • Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and
  • Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).