CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-09-25 Minutes of the S/MIME Certificate Working Group

2024-09-25 Minutes of the S/MIME Certificate Working Group

Minutes of SMCWG

September 25, 2024

These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.

Attendees

Adrian Mueller (SwissSign), Adriano Santoni (Actalis S.p.A.), Andy Warner (Google), Ashish Dhiman (GlobalSign), Guillaume Amringer (Carillon Information Security Inc.), Inaba Atsushi (GlobalSign), Judith Spencer (CertiPath), Li-Chun Chen (Chunghwa Telecom), Malcolm Idaho (IdenTrust), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Nargis Mannan (VikingCloud), Nome Huang (TrustAsia), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Renne Rodriguez (Apple), Rollin Yu (TrustAsia), Sandy Balzer (SwissSign), Thomas Zermeno (SSL.com), Tsung-Min Kuo (Chunghwa Telecom)

1. Roll Call

2. Read Antitrust Statement

The statement was read concerning the antitrust policy, code of conduct, and intellectual property rights agreement.

3. Review Agenda

Minutes were prepared by Stephen Davidson.

4. Approval of minutes from last teleconference

The minutes for the teleconference of September 11 were approved.

5. Discussion

Meeting was led by Martijn Katerbarg who noted that turnout might be light due to the ENISA Trust Services Forum/CA Day.

Martijn reminded CAs of the effective dates on September 15: • SHALL use compliant ICA, transition end for Extant ICAs (from version 1.0.1, ballot SMC03) • SHOULD adopt CAA for S/MIME, CPS update required (from version 1.0.3, ballot SMC05) • SHALL check Active status of Legal Entity Applicants (from version 1.0.4, ballot SMC06)

Martijn described a proposed text to clarifying the use of Registration Reference for organizationIdentifier in the subjectDN of Org- and Sponsor-validated profiles. Martijn said the text is being considered to add to Ballot SMC09 which is soon to enter discussion. He said that a proposal would be forthcoming from Adrian Mueller to allow the use of EUID as an NTR or as an additional Registration Scheme.

Pedro Fuentes proposed that the organizationIdentifier was an unnecessary complication in subjectDNs. Martijn noted that this was a significant discussion during the drafting of the original S/MIME BR.

Martijn described an approach to delay the implementation of MPIC for several months, to accommodate CAs who may not be aware of the MPIC discussion for TLS. This includes a SHOULD adopt for March 15 2025 and a must of May 15. He said Stephen Davidson would soon distribute an updated draft.

Martijn noted that the next S/MIME call will occur on the Thursday of the F2F. The WG discussed agenda items, including pending ballots and roadmap for the rest of the year.

Martijn noted that the nomination period is open for Vice Chair of the SMCWG.

6. Any Other Business

7. Next call

Next meeting: CABF F2F #63 in Seattle. See wiki for details.

Adjourned

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).