2024-01-04 Minutes of the CA/Browser Forum Teleconference
Meeting of the CA/Browser Forum
January 4, 2024
1. Roll Call
Aaron Gable - (Let’s Encrypt), Adam Jones - (Microsoft), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca Martin - (Amazon), Cade Cairns - (Google), Chris Clements - (Google), Christophe Bonjean - (GlobalSign), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Inaba Atsushi - (GlobalSign), Johnny Reading - (GoDaddy), Karina Sirota - (Microsoft), Kiran Tummala - (Microsoft), Lucy Buecking - (IdenTrust), Lynn Jeun - (Visa), Mads Henriksveen - (Buypass AS), Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Mark Nelson - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.com), Tim Hollebeek - (DigiCert), Trevoli Ponds-White - (Amazon), Wayne Thayer - (Fastly), Wendy Brown - (US Federal PKI Management Authority), Yoshihiko Matsuo - (Japan Registry Services).
2. Read note-well
Dimitris read the note-well
3. Review of Agenda
Agenda was approved without modifications
4. Approval of minutes from the December 7, 2023 Teleconference
Minutes were just distributed. They will be considered for approval at the next Teleconference
5. Server Certificate Working Group update
No updates reported.
Validation Committee:
Met on Dec 16th.
Meeting minutes sent out; discussion on automating EV validation.
DNS-based validation method discussed for further automation.
6. Code Signing Certificate Working Group update
Discussed signing service and high-risk check ballot.
Two ballots proposed simultaneously: signing service and high-risk check.
Discussion period ends on Jan 5th.
7. S/MIME Certificate Working Group update
SMC 05 ballot in discussion period introducing CAA for publicly trusted S/MIME. Dates for adoption: Feb 15th, 2024, and March 15th, 2025.
New ballot for RFC 9495 implementation.
SMC 06 ballot for clarification and corrections.
Reviewing language on Organization Identifier in the subject for EV.
8. Forum Infrastructure Subcommittee update
???
9. NetSec Working Group update
Met on Dec 19th.
Timeline for section 4 ballots.
Updates on the memorandum of understanding from Cloud Security Alliance expected soon.
10. CSCWG charter update
???
11. Survey for the separation of Forum and SCWG bi-weekly Teleconference
Received 21 votes; election closing on Monday.
Trustees (Wayne and Martijn) to process votes.
12. Any Other Business
Dimitris highlighted the need to improve the Guidelines based on public incidents, namely incidents in Bugzilla.
- Identified a recurring theme in several incidents, often stemming from a misunderstanding of the requirements.
- Dimitris emphasized the rarity of deliberate violations and highlighted the need to raise awareness within the working groups.
- Suggested proactively monitoring these incidents to identify repeated patterns and failures, with the goal of addressing misunderstandings.
- Advocated for creating issues to facilitate a review and potential refinement of the language in those problematic areas.
- Emphasized the importance of making language more accessible and understandable to reduce misunderstandings and potential issues for Certification Authorities (CAs).
Next call is January 18, 2024. Meeting adjourned.