2023-08-31 Minutes of the CA/Browser Forum Teleconference

Minutes prepared by Kiran Tummala (Microsoft).

Attendance

Aaron Gable – (Let’s Encrypt), Aaron Poulsen – (Amazon), Abhishek Bhat – (eMudhra), Ben Wilson – (Mozilla), Bilal Ashraf – (SSL.com), Brianca Martin – (Amazon), Bruce Morton – (Entrust), Chad Ehlers – (IdenTrust), Chris Clements – (Google), Clint Wilson – (Apple), Corey Bonnell – (DigiCert), Daryn Wright – (GoDaddy), Dimitris Zacharopoulos – (HARICA), Doug Beattie – (GlobalSign), Dustin Hollenback – (Microsoft), Enrico Entschew – (D-TRUST), Fumi Yoneda – (Japan Registry Services), Inaba Atsushi – (GlobalSign), Inigo Barreira – (Sectigo), Joanna Fox – (TrustCor Systems), Johnny Reading – (GoDaddy), Jos Purvis – (Fastly), Li-Chun Chen – (Chunghwa Telecom), Lynn Jeun – (Visa), Marcelo Silva – (Visa), Martijn Katerbarg – (Sectigo), Michelle Coon – (OATI), Mrugesh Chandarana – (IdenTrust), Nargis Mannan – (VikingCloud), Nate Smith – (GoDaddy), Nicol So – (CommScope), Nome Huang – (TrustAsia Technologies, Inc.), Paul van Brouwershaven – (Entrust), Peter Miskovic – (Disig), Rebecca Kelley – (Apple), Rollin Yu – (TrustAsia Technologies, Inc.), Roman Fischer – (SwissSign), Ryan Dickson – (Google), Scott Rea – (eMudhra), Stephen Davidson – (DigiCert), Tadahiko Ito – (SECOM Trust Systems), Tobias Josefowitz – (Opera Software AS), Wayne Thayer – (Fastly), Wendy Brown – (US Federal PKI Management Authority), Yoshihiko Matsuo – (Japan Registry Services), Yoshiro Yoneya – (Japan Registry Services).

Minutes

1. Roll Call
2. Note-well: Dimitris read the note-well.
3. Review of Agenda

There were no changes to the agenda.

4. Approval of minutes:

August 17th meeting notes were sent out with no objections and will be shared on the public list.

5. SCWG – Inigo Barreira

GitHub open issues were discussed, and owners were reminded to check them.

Validation Subcommittee Update:

• The Validation Subcommittee met last week.
• Ryan reviewed multiple-purpose domain validation.
• Discussions on changes proposed by Ben and Dustin regarding the applicant representative topic.
• The subcommittee revisited high-priority items identified earlier this year and determined next steps.

6. CSCWG – Bruce Morton

• No meeting for Code Signing Certificate last week.
• Bruce mentioned that the group is working on 5 ballots.
• One ballot is moving SSL reference, and IPR review period ends tomorrow.
• Drafted text for updating signing service, high-risk applications, and timestamping changes.
• Discussion about removing references to the EV guidelines (a future ballot).
• Key generation in hardware for students discussed, to be addressed in the October face-to-face meeting.

7. SMIME WG – Stephen Davidson

• Baseline requirements’ effective date is tomorrow.
• Criteria for trust service have been established and published to align with ETSi-style audit.
• Upcoming tweaks to the organization identifier field for organization and sponsor validated certificates for global applicability.
• Reminder to renew S/MIME certificate working group.

8. Forum Infrastructure Subcommittee – Jos Purvis

• Fixed SSL certificate on the wiki server.
• Investigating certificate monitoring for renewal issues.
• Brief email delivery issues reported.
• Working on Cab forum domain for improved email delivery.
• Reviewed current issues and projects list.

9. NetSec WG – Clint Wilson

Reviewed reorganization of network security requirements.

10. SCWG charter update No update**

1. Separation of Forum and SCWG bi-weekly Teleconference

Dimitris will send an email to the management list and a survey to choose the best time and date for the forum.

12. Any Other Business

No other business.

13. Next Meeting – September 14, 2023
14. Adjourned