CA/Browser Forum
Home » All CA/Browser Forum Posts » 2023-08-31 Minutes of the CA/Browser Forum Teleconference

2023-08-31 Minutes of the CA/Browser Forum Teleconference

Minutes prepared by Kiran Tummala (Microsoft).

Attendance

Aaron Gable – (Let’s Encrypt), Aaron Poulsen – (Amazon), Abhishek Bhat – (eMudhra), Ben Wilson – (Mozilla), Bilal Ashraf – (SSL.com), Brianca Martin – (Amazon), Bruce Morton – (Entrust), Chad Ehlers – (IdenTrust), Chris Clements – (Google), Clint Wilson – (Apple), Corey Bonnell – (DigiCert), Daryn Wright – (GoDaddy), Dimitris Zacharopoulos – (HARICA), Doug Beattie – (GlobalSign), Dustin Hollenback – (Microsoft), Enrico Entschew – (D-TRUST), Fumi Yoneda – (Japan Registry Services), Inaba Atsushi – (GlobalSign), Inigo Barreira – (Sectigo), Joanna Fox – (TrustCor Systems), Johnny Reading – (GoDaddy), Jos Purvis – (Fastly), Li-Chun Chen – (Chunghwa Telecom), Lynn Jeun – (Visa), Marcelo Silva – (Visa), Martijn Katerbarg – (Sectigo), Michelle Coon – (OATI), Mrugesh Chandarana – (IdenTrust), Nargis Mannan – (VikingCloud), Nate Smith – (GoDaddy), Nicol So – (CommScope), Nome Huang – (TrustAsia Technologies, Inc.), Paul van Brouwershaven – (Entrust), Peter Miskovic – (Disig), Rebecca Kelley – (Apple), Rollin Yu – (TrustAsia Technologies, Inc.), Roman Fischer – (SwissSign), Ryan Dickson – (Google), Scott Rea – (eMudhra), Stephen Davidson – (DigiCert), Tadahiko Ito – (SECOM Trust Systems), Tobias Josefowitz – (Opera Software AS), Wayne Thayer – (Fastly), Wendy Brown – (US Federal PKI Management Authority), Yoshihiko Matsuo – (Japan Registry Services), Yoshiro Yoneya – (Japan Registry Services).

Minutes

  1. Roll Call
  2. Note-well: Dimitris read the note-well.
  3. Review of Agenda

There were no changes to the agenda.

  1. Approval of minutes:

August 17th meeting notes were sent out with no objections and will be shared on the public list.

  1. SCWG – Inigo Barreira

GitHub open issues were discussed, and owners were reminded to check them.

Validation Subcommittee Update:

  • The Validation Subcommittee met last week.
  • Ryan reviewed multiple-purpose domain validation.
  • Discussions on changes proposed by Ben and Dustin regarding the applicant representative topic.
  • The subcommittee revisited high-priority items identified earlier this year and determined next steps.
  1. CSCWG – Bruce Morton
  • No meeting for Code Signing Certificate last week.
  • Bruce mentioned that the group is working on 5 ballots.
  • One ballot is moving SSL reference, and IPR review period ends tomorrow.
  • Drafted text for updating signing service, high-risk applications, and timestamping changes.
  • Discussion about removing references to the EV guidelines (a future ballot).
  • Key generation in hardware for students discussed, to be addressed in the October face-to-face meeting.
  1. SMIME WG – Stephen Davidson
  • Baseline requirements’ effective date is tomorrow.
  • Criteria for trust service have been established and published to align with ETSi-style audit.
  • Upcoming tweaks to the organization identifier field for organization and sponsor validated certificates for global applicability.
  • Reminder to renew S/MIME certificate working group.
  1. Forum Infrastructure Subcommittee – Jos Purvis
  • Fixed SSL certificate on the wiki server.
  • Investigating certificate monitoring for renewal issues.
  • Brief email delivery issues reported.
  • Working on Cab forum domain for improved email delivery.
  • Reviewed current issues and projects list.
  1. NetSec WG – Clint Wilson

Reviewed reorganization of network security requirements.

10. SCWG charter update No update**

  1. Separation of Forum and SCWG bi-weekly Teleconference

Dimitris will send an email to the management list and a survey to choose the best time and date for the forum.

  1. Any Other Business

No other business.

  1. Next Meeting – September 14, 2023
  2. Adjourned
Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).