CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-07-11 Minutes of the Code Signing Certificate Working Group

2024-07-11 Minutes of the Code Signing Certificate Working Group

Attendees

Atsushi INABA - GlobalSign, Brian Winters - IdenTrust, Bruce Morton - Entrust, Corey Bonnell -DigiCert, Dean Coclin-DigiCert (checked in to start meeting call), Ian McMillan Microsoft, Inigo Barreira - Sectigo, Rebecca Kelley - SSL.com, Scott Rea - eMudhra, Thomas Zermeno - SSL.com, Tim Crawford - BDO, Wangmo Tenzing

Minutes

  1. Roll Call
    • Completed by Bruce
  2. Antitrust reminder
    • Completed by Bruce
  3. Approve prior meeting minutes – June 13th and June 27th (Brianca)
    • Minutes are not available for review and approval
    • Pushed to next meeting
  4. IPR review: CSC-25 Remove EV Guideline References (Dimitris)
    • Ballot has passed and IPR period set to complete on August 1, 2024
  5. IPR review: CSC-26 Time-stamp Requirements update (Martijn)
    • Ballot has passed and IPR period set to complete on August 1, 2024
  6. Simplifying EV (Tim)
    • Tim was not available on the call (pushing to next meeting)
    • No progress has been made currently, but CSC-25 completion will simplify this effort
  7. Other business
    • Ian volunteered to provide draft language for reducing the signing certificate max validity from 39 months to 15 months as previously discussed by the group
    • Draft to be shared in next meeting
    • No other business
  8. Next meeting – July 25th
  9. Adjourn
Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).