Home » All CA/Browser Forum Posts » 2023-08-31 Minutes of the Server Certificate Working Group

2023-08-31 Minutes of the Server Certificate Working Group

Attendance

Aaron Gable – (Let’s Encrypt), Aaron Poulsen – (Amazon), Abhishek Bhat – (eMudhra), Ben Wilson – (Mozilla), Bilal Ashraf – (SSL.com), Brianca Martin – (Amazon), Bruce Morton – (Entrust), Chad Ehlers – (IdenTrust), Chris Clements – (Google), Clint Wilson – (Apple), Corey Bonnell – (DigiCert), Daryn Wright – (GoDaddy), Dimitris Zacharopoulos – (HARICA), Doug Beattie – (GlobalSign), Dustin Hollenback – (Microsoft), Enrico Entschew – (D-TRUST), Fumi Yoneda – (Japan Registry Services), Inaba Atsushi – (GlobalSign), Inigo Barreira – (Sectigo), Joanna Fox – (TrustCor Systems), Johnny Reading – (GoDaddy), Jos Purvis – (Fastly), Li-Chun Chen – (Chunghwa Telecom), Lynn Jeun – (Visa), Marcelo Silva – (Visa), Martijn Katerbarg – (Sectigo), Michelle Coon – (OATI), Mrugesh Chandarana – (IdenTrust), Nargis Mannan – (VikingCloud), Nate Smith – (GoDaddy), Nicol So – (CommScope), Nome Huang – (TrustAsia Technologies, Inc.), Paul van Brouwershaven – (Entrust), Peter Miskovic – (Disig), Rebecca Kelley – (Apple), Rollin Yu – (TrustAsia Technologies, Inc.), Roman Fischer – (SwissSign), Ryan Dickson – (Google), Scott Rea – (eMudhra), Stephen Davidson – (DigiCert), Tadahiko Ito – (SECOM Trust Systems), Tobias Josefowitz – (Opera Software AS), Wayne Thayer – (Fastly), Wendy Brown – (US Federal PKI Management Authority), Yoshihiko Matsuo – (Japan Registry Services), Yoshiro Yoneya – (Japan Registry Services).

Minutes

Roll Call
Note-well: Dimitris read the note-well.
Review of Agenda There were no changes to the agenda.
Actions
- August 3rd meeting minutes approved.
- Email sent to the Server Certificate Working Group; Ben Wilson is seeking 2 endorsers.
- Discussion about certificate consumer involvement and a 6-month probationary period for new members.
- Ben Wilson clarified that subcommittees and attendance requirements.
- Membership request from SSL Network by Daniel Cooper.
- 81 open issues on GitHub; owners requested to review.
- Discussion on clarifying CA Subscribers, eliminating terms of use, and replacing with a subscriber agreement.
- Clarification of “Specified Above” in section 6.2.
- IP validation via ACME to be replaced with an actual RFP.
- Discussion on missing section 7.1.5 in BR V2.0.0.
- Discussion on fixing links in 7.1.2.10.2 and standardizing format and style in CABF documents.
- Discussion on clarifying maximum DCV and removing specific versions in references.
Any Other Business
No other business.
Next Meeting – September 14, 2023
Adjourned

Latest releases

Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35