CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-09-12 Minutes of the CA/Browser Forum Teleconference

2024-09-12 Minutes of the CA/Browser Forum Teleconference

Attendees

  • Aaron Poulsen (Amazon)
  • Adam Jones (Microsoft)
  • Adrian Mueller (SwissSign)
  • Andrea Holland (VikingCloud)
  • Ben Wilson (Mozilla)
  • Brianca Martin (Amazon)
  • Bruce Morton (Entrust)
  • Chad Dandar (Cisco Systems)
  • Clint Wilson (Apple)
  • Corey Bonnell (DigiCert)
  • Corey Rasmussen (OATI)
  • David Kluge (Google)
  • Dean Coclin (DigiCert)
  • Dimitris Zacharopoulos (HARICA)
  • Dustin Hollenback (Microsoft)
  • Gregory Tomko (GlobalSign)
  • Inaba Atsushi (GlobalSign)
  • Iñigo Barreira (Sectigo)
  • Jaime Hablutzel (OISTE Foundation)
  • Ji Eun Seong (MOIS of the republic of Korea)
  • Johnny Reading (GoDaddy)
  • Jos Purvis (Fastly)
  • Karina Sirota (Microsoft)
  • Kiran Tummala (Microsoft)
  • Llew Curran (GoDaddy)
  • Luis Cervantes (GoDaddy)
  • Mads Henriksveen (Buypass AS)
  • Mahua Chaudhuri (Microsoft)
  • Marco Schambach (IdenTrust)
  • Martijn Katerbarg (Sectigo)
  • Michelle Coon (OATI)
  • Miguel Sanchez (Google)
  • Mrugesh Chandarana (IdenTrust)
  • Nargis Mannan (VikingCloud)
  • Nate Smith (GoDaddy)
  • Nicol So (CommScope)
  • Nome Huang (TrustAsia)
  • Paul van Brouwershaven (Entrust)
  • Peter Miskovic (Disig)
  • Rebecca Kelly (SSL.com)
  • Rollin Yu (TrustAsia)
  • Scott Rea (eMudhra)
  • Stephen Davidson (DigiCert)
  • Tadahiko Ito (SECOM Trust Systems)
  • Tathan Thacker (IdenTrust)
  • Thomas Zermeno (SSL.com)
  • Tobias Josefowitz (Opera Software AS)
  • Trevoli Ponds-White (Amazon)
  • Tsung-Min Kuo (Chunghwa Telecom)
  • Wayne Thayer (Fastly)
  • Wendy Brown (US Federal PKI Management Authority)

Agenda Review

  • Approval of Aug 29th minutes: Approved

SCWG Update

  • Inigo gave the update on SCWG. A new version of the BRs was published with an important change regarding the MPIC ballot. A new section discusses how to perform this validation. The date of March 15th, 2025 is significant for these changes.
  • Another ballot in IPR review regarding the naming of the WebTrust certifications should finish IPR by the end of October.
  • Corey summarized the Validation subcommittee actions, mentioning Paul’s ballot on policy OIDs and cross-certificates which is under discussion in the SCWG.

CSCWG Update

  • Bruce provided updates. Ian is working on a ballot to reduce the certificate lifetime of code signing certs. A discussion on “EV/OV consolidation” will occur at the next F2F.

SMIME Update

  • Stephen updated that a ballot to update the audit requirements acknowledges the new WebTrust for netsec.
  • The effective date for the MPIC adoption for SMIME is decided for May 15, 2025, allowing for discussion around it at the F2F.

NetSec Working Group

  • Clint reported on NS004 discussions, which have entered the discussion period with upcoming ballots on workstations and passwords.

Definitions and Glossary Working Group

  • Tim H. was not present on the call.

Forum Infrastructure Subcommittee

  • Jos provided updates on the migration to the new server and handling of mailing lists.

IPR Subcommittee

  • Ben discussed extending the IPR group as it’s about to terminate and keeping guest speakers at the WG level for IPR issue management.

2024 Elections

  • Dimitris reminded attendees to vote as voting ends on September 16th at 11 AM ET, with vice chair elections starting the same day.

F2F Prep

  • Trev mentioned that the Pan Pacific hotel booking deadline is nearing, urging attendees to reserve ASAP.

Next Call

  • The next meeting is cancelled; the next gathering will be at the F2F.

Meeting Adjourned

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates: Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action; Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).