CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-09-12 Minutes of the CA/Browser Forum Teleconference

2024-09-12 Minutes of the CA/Browser Forum Teleconference

Attendees

  • Aaron Poulsen (Amazon)
  • Adam Jones (Microsoft)
  • Adrian Mueller (SwissSign)
  • Andrea Holland (VikingCloud)
  • Ben Wilson (Mozilla)
  • Brianca Martin (Amazon)
  • Bruce Morton (Entrust)
  • Chad Dandar (Cisco Systems)
  • Clint Wilson (Apple)
  • Corey Bonnell (DigiCert)
  • Corey Rasmussen (OATI)
  • David Kluge (Google)
  • Dean Coclin (DigiCert)
  • Dimitris Zacharopoulos (HARICA)
  • Dustin Hollenback (Microsoft)
  • Gregory Tomko (GlobalSign)
  • Inaba Atsushi (GlobalSign)
  • Iñigo Barreira (Sectigo)
  • Jaime Hablutzel (OISTE Foundation)
  • Ji Eun Seong (MOIS of the republic of Korea)
  • Johnny Reading (GoDaddy)
  • Jos Purvis (Fastly)
  • Karina Sirota (Microsoft)
  • Kiran Tummala (Microsoft)
  • Llew Curran (GoDaddy)
  • Luis Cervantes (GoDaddy)
  • Mads Henriksveen (Buypass AS)
  • Mahua Chaudhuri (Microsoft)
  • Marco Schambach (IdenTrust)
  • Martijn Katerbarg (Sectigo)
  • Michelle Coon (OATI)
  • Miguel Sanchez (Google)
  • Mrugesh Chandarana (IdenTrust)
  • Nargis Mannan (VikingCloud)
  • Nate Smith (GoDaddy)
  • Nicol So (CommScope)
  • Nome Huang (TrustAsia)
  • Paul van Brouwershaven (Entrust)
  • Peter Miskovic (Disig)
  • Rebecca Kelly (SSL.com)
  • Rollin Yu (TrustAsia)
  • Scott Rea (eMudhra)
  • Stephen Davidson (DigiCert)
  • Tadahiko Ito (SECOM Trust Systems)
  • Tathan Thacker (IdenTrust)
  • Thomas Zermeno (SSL.com)
  • Tobias Josefowitz (Opera Software AS)
  • Trevoli Ponds-White (Amazon)
  • Tsung-Min Kuo (Chunghwa Telecom)
  • Wayne Thayer (Fastly)
  • Wendy Brown (US Federal PKI Management Authority)

Agenda Review

  • Approval of Aug 29th minutes: Approved

SCWG Update

  • Inigo gave the update on SCWG. A new version of the BRs was published with an important change regarding the MPIC ballot. A new section discusses how to perform this validation. The date of March 15th, 2025 is significant for these changes.
  • Another ballot in IPR review regarding the naming of the WebTrust certifications should finish IPR by the end of October.
  • Corey summarized the Validation subcommittee actions, mentioning Paul’s ballot on policy OIDs and cross-certificates which is under discussion in the SCWG.

CSCWG Update

  • Bruce provided updates. Ian is working on a ballot to reduce the certificate lifetime of code signing certs. A discussion on “EV/OV consolidation” will occur at the next F2F.

SMIME Update

  • Stephen updated that a ballot to update the audit requirements acknowledges the new WebTrust for netsec.
  • The effective date for the MPIC adoption for SMIME is decided for May 15, 2025, allowing for discussion around it at the F2F.

NetSec Working Group

  • Clint reported on NS004 discussions, which have entered the discussion period with upcoming ballots on workstations and passwords.

Definitions and Glossary Working Group

  • Tim H. was not present on the call.

Forum Infrastructure Subcommittee

  • Jos provided updates on the migration to the new server and handling of mailing lists.

IPR Subcommittee

  • Ben discussed extending the IPR group as it’s about to terminate and keeping guest speakers at the WG level for IPR issue management.

2024 Elections

  • Dimitris reminded attendees to vote as voting ends on September 16th at 11 AM ET, with vice chair elections starting the same day.

F2F Prep

  • Trev mentioned that the Pan Pacific hotel booking deadline is nearing, urging attendees to reserve ASAP.

Next Call

  • The next meeting is cancelled; the next gathering will be at the F2F.

Meeting Adjourned

Latest releases
Server Certificate Requirements
SC095v3: Clean-up 2025 - Apr 2, 2026

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.13 - Ballot SMC015v2 - Mar 28, 2026

This ballot introduces requirements that a CA or RA must follow to rely upon a Mobile Drivers License (mDL) to provide evidence for the authentication of individual identity. It allows the use of mDL that conform to ISO/IEC 18013-5 and which may be verified by the CA or RA in conformance with ISO/IEC 18013-7. The CA or RA shall only accept mDL from an Issuing Authority that is legally authorized by the relevant government or jurisdiction to issue driving licenses. The draft also aligns the subsections of 3.2.4.2 (Validation of individual identity) to correspond more closely with those in 3.2.4.1 (Attribute collection of individual identity). It also includes minor editorial corrections. SMC015v2 was updated to remove an additional reference to the superceded ETSI EN 319 403. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Scott Rea (eMudhra).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).