CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-02-15 Minutes of the CA/Browser Forum Teleconference

2024-02-15 Minutes of the CA/Browser Forum Teleconference

CA/Browser Forum Teleconference

February 15, 2024

1. Roll Call

Aaron Gable - (Let’s Encrypt), Aaron Poulsen - (Amazon), Abhishek Bhat - (eMudhra), Adam Jones - (Microsoft), Adrian Mueller - (SwissSign), Antti Backman - (Telia Company), Brianca Martin - (Amazon), Brittany Randall - (GoDaddy), Bruce Morton - (Entrust), Chris Clements - (Google), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI), David Kluge - (Google), Dean Coclin - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Enrico Entschew - (D-TRUST), Eva Vansteenberge - (GlobalSign), Gregory Tomko - (GlobalSign), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Jaime Hablutzel - (OISTE Foundation), Johnny Reading - (GoDaddy), Jos Purvis - (Fastly), Karina Sirota - (Microsoft), Keshava Nagaraju - (eMudhra), Kiran Tummala - (Microsoft), Lynn Jeun - (Visa), Mads Henriksveen - (Buypass AS), Marcelo Silva - (Visa), Marco Schambach - (IdenTrust), Mark Nelson - (IdenTrust), Martijn Katerbarg - (Sectigo), Michelle Coon - (OATI), Miguel Sanchez - (Google), Mrugesh Chandarana - (IdenTrust), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Nicol So - (CommScope), Pedro Fuentes - (OISTE Foundation), Peter Miskovic - (Disig), Rebecca Kelley - (Apple), RIch Smith - (DigiCert), Rollin Yu - (TrustAsia), Roman Fischer - (SwissSign), Sandy Balzer - (SwissSign), Stephen Davidson - (DigiCert), Tadahiko Ito - (SECOM Trust Systems), Tathan Thacker - (IdenTrust), Thomas Zermeno - (SSL.com), Tobias Josefowitz - (Opera Software AS), Trevoli Ponds-White - (Amazon), Tsung-Min Kuo - (Chunghwa Telecom), Wayne Thayer - (Fastly), Wendy Brown - (US Federal PKI Management Authority), Yashwanth TM - (eMudhra), Yoshihiko Matsuo - (Japan Registry Services).

2. Read note-well

The note-well was read.

3. Review of Agenda

The Agenda was approved.

4. Approval of minutes from the January 4, 2024 Teleconference (minutes have been distributed)

The minutes were approved.

5. Approval of minutes from the February 1, 2024 Teleconference (minutes have been distributed)

The minutes were approved.

6. Server Certificate Working Group update (Inigo)

The applications for new members were discussed, including their compliance with requirements and any concerns raised.

The main topic of discussion was the handling of open issues and how to address them effectively, as there were many unresolved issues dating back several years. Suggestions for improvement were encouraged.

There is a concern about issues not containing enough context and being self-contained, making it difficult to engage in them.

It is suggested to create a set of required fields for entering issues and make a pass at old ones to answer basic questions, with the possibility of closing old ones that cannot be addressed.

There was a suggestion to limit the number of updates or versions per year to make it easier for the community to handle.

The upcoming face-to-face meeting in Delhi was mentioned, where topics such as improvements to DNS-based validation methods, automation in the EV guidelines, and identifying delegated third parties will be discussed.

7. Code Signing Certificate Working Group update (Bruce)

The Code Signing WG discussed ongoing work on importing EV guideline references and timestamping requirements, as well as agenda items for the upcoming face-to-face meeting.

8. S/MIME Certificate Working Group update (Stephen)

The S/MIME WG is working on the latest ballot and Stephen gave a quick summary of upcoming clarifications.

9. Forum Infrastructure Subcommittee update (Jos)

Josh Purvis from Fastly discussed the successful transition to a new static website, plans for upgrading the mail server, and improvements to the approval process for GitHub pull requests.

10. NetSec Working Group update (Clint)

11. Agenda approval for F2F 61

The agenda includes various presentations, updates, working group meetings, and discussions on topics such as IPR challenges when working with researchers, and future goals and plans.

The meeting approved the agenda. There are approximately 100 participants expected, 40 physically present and 60 remote.

Next call is March 14, 2024. Meeting adjourned.

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).