CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-09-12 Minutes of the CA/Browser Forum Teleconference

2024-09-12 Minutes of the CA/Browser Forum Teleconference

Attendees

  • Aaron Poulsen (Amazon)
  • Adam Jones (Microsoft)
  • Adrian Mueller (SwissSign)
  • Andrea Holland (VikingCloud)
  • Ben Wilson (Mozilla)
  • Brianca Martin (Amazon)
  • Bruce Morton (Entrust)
  • Chad Dandar (Cisco Systems)
  • Clint Wilson (Apple)
  • Corey Bonnell (DigiCert)
  • Corey Rasmussen (OATI)
  • David Kluge (Google)
  • Dean Coclin (DigiCert)
  • Dimitris Zacharopoulos (HARICA)
  • Dustin Hollenback (Microsoft)
  • Gregory Tomko (GlobalSign)
  • Inaba Atsushi (GlobalSign)
  • Iñigo Barreira (Sectigo)
  • Jaime Hablutzel (OISTE Foundation)
  • Ji Eun Seong (MOIS of the republic of Korea)
  • Johnny Reading (GoDaddy)
  • Jos Purvis (Fastly)
  • Karina Sirota (Microsoft)
  • Kiran Tummala (Microsoft)
  • Llew Curran (GoDaddy)
  • Luis Cervantes (GoDaddy)
  • Mads Henriksveen (Buypass AS)
  • Mahua Chaudhuri (Microsoft)
  • Marco Schambach (IdenTrust)
  • Martijn Katerbarg (Sectigo)
  • Michelle Coon (OATI)
  • Miguel Sanchez (Google)
  • Mrugesh Chandarana (IdenTrust)
  • Nargis Mannan (VikingCloud)
  • Nate Smith (GoDaddy)
  • Nicol So (CommScope)
  • Nome Huang (TrustAsia)
  • Paul van Brouwershaven (Entrust)
  • Peter Miskovic (Disig)
  • Rebecca Kelly (SSL.com)
  • Rollin Yu (TrustAsia)
  • Scott Rea (eMudhra)
  • Stephen Davidson (DigiCert)
  • Tadahiko Ito (SECOM Trust Systems)
  • Tathan Thacker (IdenTrust)
  • Thomas Zermeno (SSL.com)
  • Tobias Josefowitz (Opera Software AS)
  • Trevoli Ponds-White (Amazon)
  • Tsung-Min Kuo (Chunghwa Telecom)
  • Wayne Thayer (Fastly)
  • Wendy Brown (US Federal PKI Management Authority)

Agenda Review

  • Approval of Aug 29th minutes: Approved

SCWG Update

  • Inigo gave the update on SCWG. A new version of the BRs was published with an important change regarding the MPIC ballot. A new section discusses how to perform this validation. The date of March 15th, 2025 is significant for these changes.
  • Another ballot in IPR review regarding the naming of the WebTrust certifications should finish IPR by the end of October.
  • Corey summarized the Validation subcommittee actions, mentioning Paul’s ballot on policy OIDs and cross-certificates which is under discussion in the SCWG.

CSCWG Update

  • Bruce provided updates. Ian is working on a ballot to reduce the certificate lifetime of code signing certs. A discussion on “EV/OV consolidation” will occur at the next F2F.

SMIME Update

  • Stephen updated that a ballot to update the audit requirements acknowledges the new WebTrust for netsec.
  • The effective date for the MPIC adoption for SMIME is decided for May 15, 2025, allowing for discussion around it at the F2F.

NetSec Working Group

  • Clint reported on NS004 discussions, which have entered the discussion period with upcoming ballots on workstations and passwords.

Definitions and Glossary Working Group

  • Tim H. was not present on the call.

Forum Infrastructure Subcommittee

  • Jos provided updates on the migration to the new server and handling of mailing lists.

IPR Subcommittee

  • Ben discussed extending the IPR group as it’s about to terminate and keeping guest speakers at the WG level for IPR issue management.

2024 Elections

  • Dimitris reminded attendees to vote as voting ends on September 16th at 11 AM ET, with vice chair elections starting the same day.

F2F Prep

  • Trev mentioned that the Pan Pacific hotel booking deadline is nearing, urging attendees to reserve ASAP.

Next Call

  • The next meeting is cancelled; the next gathering will be at the F2F.

Meeting Adjourned

Latest releases
Server Certificate Requirements
BRs/2.1.2 SC-080 V3: Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods - Dec 16, 2024

Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contact… (https://github.com/cabforum/servercert/pull/560) Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods” (https://github.com/cabforum/servercert/pull/555)

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).