CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-12-19 Minutes of the CA/Browser Forum Teleconference

2024-12-19 Minutes of the CA/Browser Forum Teleconference

Attendees

Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Andrea Holland (VikingCloud), Ben Wilson (Mozilla), Brianca Martin (Amazon), Bruce Morton (Entrust), Chris Clements (Google), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Lynn Jeun (Visa), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Mark Nelson (IdenTrust), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Paul van Brouwershaven (Entrust), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Roman Fischer (SwissSign), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Tim Callan (Sectigo), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)

Approval of Minutes

  • The November 7th meeting minutes are approved

Server Certificate Working Group update

  • Minutes not yet available.
  • New version of the TBRs has been published.
  • Almost gone through the backlog of issues
  • Several ballots in progress, including reducing validity reduction
  • No Validation Subcommittee update

Code Signing Certificate Working Group update

  • PQC presentation by Brianca from Amazon
  • Short discussion on lifetime reducation
  • Bruce (Entrust) preparing a ballot incorporating several SCWG changes into the CSBRs

S/MIME Certificate Working Group update

  • New SBR version to be published on Monday incorporating MPIC for S/MIME
  • Looking on adding a new ACME for S/MIME DCV method into the SBRs
  • Modifying the NTR Registration Scheme to incorporate the EUID as an NTR Identifier

NetSec Working Group update

  • The last meeting was not held

Definitions and Glossary Working Group update

  • No updates

Forum Infrastructure Subcommittee update

  • Will be looking at forwarding the questions list email address towards a new questions list as a temporary measure until all Forum documents can be updated to show the new questions email address.
  • Had a discussion on voting and using the member tools as voting platform in the future. Bylaws and Charters will need to be updated for this as well.

Intellectual Property Rights Subcommittee

  • Had a meeting the past week, where the invited experts proposal and feedback was reviewed. This feedback will be compiled and sent around.
  • Looking to adopt the policy through a ballot into the bylaws.

Bylaws Changes

  • We have 10 issues to be resolved for the bylaws. We may need to hold a session in a future meeting or with a subgroup to go through all of these.
  • This will be presented to the larger group once ready

Any Other Business

  • January 2nd meeting cancelled

Next meeting

  • January 16th
Latest releases
Server Certificate Requirements
BRs/2.1.3 SC083: Winter 2024-2025 Cleanup Ballot - Feb 24, 2025

Winter 2024-2025 Cleanup Ballot (#561)

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.8 - Ballot SMC010 - Dec 23, 2024

This ballot adopts Multi-Perspective Issuance Corroboration (MPIC) for CAs when conducting Email Domain Control Validation (DCV) and Certification Authority Authorization (CAA) checks for S/MIME Certificates. The Ballot adopts the MPIC implementation consistent with the TLS Baseline Requirements. Acknowledging that some S/MIME CAs with no TLS operations may require additional time to deploy MPIC, the Ballot has a Compliance Date of May 15, 2025. Following that date the implementation timeline described in TLS BR section 3.2.2.9 applies. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ashish Dhiman (GlobalSign) and Nicolas Lidzborski (Google).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).