CA/Browser Forum
Home » All CA/Browser Forum Posts » 2023-08-31 Minutes of the CA/Browser Forum Teleconference

2023-08-31 Minutes of the CA/Browser Forum Teleconference

Minutes prepared by Kiran Tummala (Microsoft).

Attendance

Aaron Gable – (Let’s Encrypt), Aaron Poulsen – (Amazon), Abhishek Bhat – (eMudhra), Ben Wilson – (Mozilla), Bilal Ashraf – (SSL.com), Brianca Martin – (Amazon), Bruce Morton – (Entrust), Chad Ehlers – (IdenTrust), Chris Clements – (Google), Clint Wilson – (Apple), Corey Bonnell – (DigiCert), Daryn Wright – (GoDaddy), Dimitris Zacharopoulos – (HARICA), Doug Beattie – (GlobalSign), Dustin Hollenback – (Microsoft), Enrico Entschew – (D-TRUST), Fumi Yoneda – (Japan Registry Services), Inaba Atsushi – (GlobalSign), Inigo Barreira – (Sectigo), Joanna Fox – (TrustCor Systems), Johnny Reading – (GoDaddy), Jos Purvis – (Fastly), Li-Chun Chen – (Chunghwa Telecom), Lynn Jeun – (Visa), Marcelo Silva – (Visa), Martijn Katerbarg – (Sectigo), Michelle Coon – (OATI), Mrugesh Chandarana – (IdenTrust), Nargis Mannan – (VikingCloud), Nate Smith – (GoDaddy), Nicol So – (CommScope), Nome Huang – (TrustAsia Technologies, Inc.), Paul van Brouwershaven – (Entrust), Peter Miskovic – (Disig), Rebecca Kelley – (Apple), Rollin Yu – (TrustAsia Technologies, Inc.), Roman Fischer – (SwissSign), Ryan Dickson – (Google), Scott Rea – (eMudhra), Stephen Davidson – (DigiCert), Tadahiko Ito – (SECOM Trust Systems), Tobias Josefowitz – (Opera Software AS), Wayne Thayer – (Fastly), Wendy Brown – (US Federal PKI Management Authority), Yoshihiko Matsuo – (Japan Registry Services), Yoshiro Yoneya – (Japan Registry Services).

Minutes

  1. Roll Call
  2. Note-well: Dimitris read the note-well.
  3. Review of Agenda

There were no changes to the agenda.

  1. Approval of minutes:

August 17th meeting notes were sent out with no objections and will be shared on the public list.

  1. SCWG – Inigo Barreira

GitHub open issues were discussed, and owners were reminded to check them.

Validation Subcommittee Update:

  • The Validation Subcommittee met last week.
  • Ryan reviewed multiple-purpose domain validation.
  • Discussions on changes proposed by Ben and Dustin regarding the applicant representative topic.
  • The subcommittee revisited high-priority items identified earlier this year and determined next steps.
  1. CSCWG – Bruce Morton
  • No meeting for Code Signing Certificate last week.
  • Bruce mentioned that the group is working on 5 ballots.
  • One ballot is moving SSL reference, and IPR review period ends tomorrow.
  • Drafted text for updating signing service, high-risk applications, and timestamping changes.
  • Discussion about removing references to the EV guidelines (a future ballot).
  • Key generation in hardware for students discussed, to be addressed in the October face-to-face meeting.
  1. SMIME WG – Stephen Davidson
  • Baseline requirements’ effective date is tomorrow.
  • Criteria for trust service have been established and published to align with ETSi-style audit.
  • Upcoming tweaks to the organization identifier field for organization and sponsor validated certificates for global applicability.
  • Reminder to renew S/MIME certificate working group.
  1. Forum Infrastructure Subcommittee – Jos Purvis
  • Fixed SSL certificate on the wiki server.
  • Investigating certificate monitoring for renewal issues.
  • Brief email delivery issues reported.
  • Working on Cab forum domain for improved email delivery.
  • Reviewed current issues and projects list.
  1. NetSec WG – Clint Wilson

Reviewed reorganization of network security requirements.

10. SCWG charter update No update**

  1. Separation of Forum and SCWG bi-weekly Teleconference

Dimitris will send an email to the management list and a survey to choose the best time and date for the forum.

  1. Any Other Business

No other business.

  1. Next Meeting – September 14, 2023
  2. Adjourned
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates: Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action; Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).