CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-09-12 Minutes of the CA/Browser Forum Teleconference

2024-09-12 Minutes of the CA/Browser Forum Teleconference

Attendees

  • Aaron Poulsen (Amazon)
  • Adam Jones (Microsoft)
  • Adrian Mueller (SwissSign)
  • Andrea Holland (VikingCloud)
  • Ben Wilson (Mozilla)
  • Brianca Martin (Amazon)
  • Bruce Morton (Entrust)
  • Chad Dandar (Cisco Systems)
  • Clint Wilson (Apple)
  • Corey Bonnell (DigiCert)
  • Corey Rasmussen (OATI)
  • David Kluge (Google)
  • Dean Coclin (DigiCert)
  • Dimitris Zacharopoulos (HARICA)
  • Dustin Hollenback (Microsoft)
  • Gregory Tomko (GlobalSign)
  • Inaba Atsushi (GlobalSign)
  • Iñigo Barreira (Sectigo)
  • Jaime Hablutzel (OISTE Foundation)
  • Ji Eun Seong (MOIS of the republic of Korea)
  • Johnny Reading (GoDaddy)
  • Jos Purvis (Fastly)
  • Karina Sirota (Microsoft)
  • Kiran Tummala (Microsoft)
  • Llew Curran (GoDaddy)
  • Luis Cervantes (GoDaddy)
  • Mads Henriksveen (Buypass AS)
  • Mahua Chaudhuri (Microsoft)
  • Marco Schambach (IdenTrust)
  • Martijn Katerbarg (Sectigo)
  • Michelle Coon (OATI)
  • Miguel Sanchez (Google)
  • Mrugesh Chandarana (IdenTrust)
  • Nargis Mannan (VikingCloud)
  • Nate Smith (GoDaddy)
  • Nicol So (CommScope)
  • Nome Huang (TrustAsia)
  • Paul van Brouwershaven (Entrust)
  • Peter Miskovic (Disig)
  • Rebecca Kelly (SSL.com)
  • Rollin Yu (TrustAsia)
  • Scott Rea (eMudhra)
  • Stephen Davidson (DigiCert)
  • Tadahiko Ito (SECOM Trust Systems)
  • Tathan Thacker (IdenTrust)
  • Thomas Zermeno (SSL.com)
  • Tobias Josefowitz (Opera Software AS)
  • Trevoli Ponds-White (Amazon)
  • Tsung-Min Kuo (Chunghwa Telecom)
  • Wayne Thayer (Fastly)
  • Wendy Brown (US Federal PKI Management Authority)

Agenda Review

  • Approval of Aug 29th minutes: Approved

SCWG Update

  • Inigo gave the update on SCWG. A new version of the BRs was published with an important change regarding the MPIC ballot. A new section discusses how to perform this validation. The date of March 15th, 2025 is significant for these changes.
  • Another ballot in IPR review regarding the naming of the WebTrust certifications should finish IPR by the end of October.
  • Corey summarized the Validation subcommittee actions, mentioning Paul’s ballot on policy OIDs and cross-certificates which is under discussion in the SCWG.

CSCWG Update

  • Bruce provided updates. Ian is working on a ballot to reduce the certificate lifetime of code signing certs. A discussion on “EV/OV consolidation” will occur at the next F2F.

SMIME Update

  • Stephen updated that a ballot to update the audit requirements acknowledges the new WebTrust for netsec.
  • The effective date for the MPIC adoption for SMIME is decided for May 15, 2025, allowing for discussion around it at the F2F.

NetSec Working Group

  • Clint reported on NS004 discussions, which have entered the discussion period with upcoming ballots on workstations and passwords.

Definitions and Glossary Working Group

  • Tim H. was not present on the call.

Forum Infrastructure Subcommittee

  • Jos provided updates on the migration to the new server and handling of mailing lists.

IPR Subcommittee

  • Ben discussed extending the IPR group as it’s about to terminate and keeping guest speakers at the WG level for IPR issue management.

2024 Elections

  • Dimitris reminded attendees to vote as voting ends on September 16th at 11 AM ET, with vice chair elections starting the same day.

F2F Prep

  • Trev mentioned that the Pan Pacific hotel booking deadline is nearing, urging attendees to reserve ASAP.

Next Call

  • The next meeting is cancelled; the next gathering will be at the F2F.

Meeting Adjourned

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).