CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-02-01 Minutes of the CA/Browser Forum Teleconference

2024-02-01 Minutes of the CA/Browser Forum Teleconference

Meeting of the CA/Browser Forum

February 1, 2024

1. Roll Call Aaron Gable - (Let’s Encrypt), Aaron Poulsen - (Amazon), Abhishek Bhat - (eMudhra), Adam Jones - (Microsoft), Andrea Holland - (VikingCloud), Antti Backman - (Telia Company), Ben Wilson - (Mozilla), Bindi Davé - (DigiCert), Brianca Martin - (Amazon), Bruce Morton - (Entrust), Chris Clements - (Google), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Fumi Yoneda - (Japan Registry Services), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Jos Purvis - (Fastly), Karina Sirota - (Microsoft), Keshava Nagaraju - (eMudhra), Mads Henriksveen - (Buypass AS), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Miguel Sanchez - (Google), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Naveen Kumar - (eMudhra), Nicol So - (CommScope), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), RIch Smith - (DigiCert), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Scott Rea - (eMudhra), Sissel Hoel - (Buypass AS), Stephen Davidson - (DigiCert), Tadahiko Ito - (SECOM Trust Systems), Thomas Zermeno - (SSL.com), Tim Hollebeek - (DigiCert), Tobias Josefowitz - (Opera Software AS), Trevoli Ponds-White - (Amazon), Wayne Thayer - (Fastly), Wendy Brown - (US Federal PKI Management Authority), Yashwanth TM - (eMudhra), Yoshihiko Matsuo - (Japan Registry Services).

Dimitris commenced the Forum teleconference, checking changes to the roll call.

Inigo gave overview of Server Cert WG ballot status.

Bruce Morton gave overview of Code Signing WG. He described two ballots in IPR (signing service and high risk). Working on ballot for timestamping language improvement. Dimitris is working on EVG mapping to CSBR.

Stephen Davidson gave overview of S/MIME Cert WG, noting that SMC05 on CAA would exit IPR on February 16 and the WG would move to the clarifications ballot SMC06 shortly thereafter, which has been much discussed. Dimitris asked if there was a rule for when ballots were bundled vs single issue. Stephen noted that in general the SMCWG would focus on a regular cadence of ballots, and only have standalone ones on major changes such as adoption of CAA.

Jos Purvis gave update on Infrastructure WG work including important updates to the email server. He also described the website proposal from Paul, for which it seems there is general support. The WG is discussing what a switch would entail.

Clint Wilson gave overview of the NetSec WG, which includes ongoing review of the proposed edits, with recent conversations focusing on MFA and multiparty control.

Dimitris discussed the New Delhi F2F agenda, which is on the wiki, and welcomed additional topics from members. Tim reminded chairs that it’s useful to summarise their WG’s work since last F2F and roadmap for near future.

On any other business, Paul noted that he’d like to move over to the new website as soon as possible if there is no objection to avoid maintenance of two platforms. There was discussion regarding transition and it was agreed that the Infrastructure WG would make the required decisions and keep the Forum informed.

Next call is February 15, 2024. Meeting adjourned.

Latest releases
Server Certificate Requirements
SC097: Sunset all remaining use of SHA-1 signatures in Certificates and CRLs - Feb 25, 2026

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.13 - Ballot SMC015v2 - Mar 28, 2026

This ballot introduces requirements that a CA or RA must follow to rely upon a Mobile Drivers License (mDL) to provide evidence for the authentication of individual identity. It allows the use of mDL that conform to ISO/IEC 18013-5 and which may be verified by the CA or RA in conformance with ISO/IEC 18013-7. The CA or RA shall only accept mDL from an Issuing Authority that is legally authorized by the relevant government or jurisdiction to issue driving licenses. The draft also aligns the subsections of 3.2.4.2 (Validation of individual identity) to correspond more closely with those in 3.2.4.1 (Attribute collection of individual identity). It also includes minor editorial corrections. SMC015v2 was updated to remove an additional reference to the superceded ETSI EN 319 403. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Scott Rea (eMudhra).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).