2025-04-24 Minutes of the Forum
Roll Call and Housekeeping
- Meeting called to order by Dean; recording in process
- Roll taken by recording
Note-well
- Note-well has already been read
Review Agenda
- Begin Recording - Roll Call
- Read note-well
- Review of Agenda
- Approval of minutes: April 10th and F2F.
- Server Certificate Working Group update (Dimitris)
- Code Signing Certificate Working Group update (Martijn)
- S/MIME Certificate Working Group update (Stephen)
- NetSec Working Group update (Clint)
- Definitions and Glossary Working Group (Tim H.)
- Forum Infrastructure Subcommittee update (Jos)
- Intellectual Property Rights Subcommittee (Ben)
- Bylaws changes (Ben - Dimitris)
- Any Other Business
- Next call: May 8, 2025
- Adjourn
Approval of Minutes
- No minutes for 2024-04-10
- Minutes from the F2F: Ryan asked for more time to review - deferred to next meeting.
- Draft minutes and presentations from F2F are available on Wiki
Server Certificate Working Group update (Dimitris)
SCWG
- IODEF mail mechanism
- CA Key reuse
Validations
- Slaughter gave an excellent presentation on CA Assisted Validation Ballot
- pull request is not in server cert repo
Code Signing Certificate Working Group update (Martijn)
- CSC - 29 and 30 to be discussed once it has been confirmed that the new Microsoft representative can vote on the ballots
- Reduction of max validity of CS certificates to 15 months with 12 month effective date
- PKC ballot to allow ML DSA algorithms for code signing
S/MIME Certificate Working Group update (Stephen)
- Confirmed participation of interested parties listed above (in CSWG meeting)
- Users of PKI Lint have comments on usage, which are leading to updates to clarify the text and make changes in program.
- RFC 8823 ACME for S/MIME validation method to be considered in future ballot
- Discussions of draft for PQC S/MIME certs using ML DSA and ML KEM (pure certificates); interested parties can read the redline of the ballot text from the S/MIME CA/B Forum group. Comments are welcomed.
NetSec Working Group update (Clint)
- NS-008: discussion period will continue for another week; effective date pushed back to November
- Discussed next priorities of workgroup:
- trusted roles; expect to have a beginning proposal to orient roles around outcomes and to increase consistancy in TR requirements
- Reorganization of NETSEC requirements
- Review of EU NIST 2 and NIST CyberSecurity frameworks
- Next meeting May 6
Definitions and Glossary Working Group (Tim C.)
- No feedback on F2F presentation == tacit agreement
- Information to be put out on list to allow further review before moving forward with the working plan
Forum Infrastructure Subcommittee update (Ben)
- Using AI for minute generation; what is the goal of minutes?
- Goal of minutes is to inform those not in attendance
- Record key discussion points
- Identify action items
- Provide historical record for any decisions
- How to get correct level of detail from the AI
- Worked on a minute template
- neutral activity without color commentary/opinions
- summary of meeting at topic
- moving the list of attendees to the bottom of minutes
- summarize discussion points: to what degree should comments be attributed?
- want the Why of conclusions, not just the conclusion.
- Working on AI prompt; will require testing with various tools.
Intellectual Property Rights Subcommittee (Ben)
- Doodle poll to setup next call - no solid date, yet
- Working on Google Doc, which will require review
Bylaws changes (Ben - Dimitris)
- No recent progress
Any Other Business
- Dean received 2 letters from ITU; will forward to Management List
- For Toronto F2F the signup list is closing May 1; hotel deadline approaching
Next call: May 8, 2025
Adjourn
Attendance
Aaron Gable (Let’s Encrypt), Adrian Mueller (SwissSign), Alison Wang (TrustAsia), Alvin (SHECA), Andrea Holland (VikingCloud), Andreas Henschel (D-TRUST), Arno Fiedler (ETSI ESI), Arnold Essing (Telekom Security, invited guest), Ashish Dhiman (GlobalSign), Ben Wilson (Mozilla, Brianca Martin (Amazon), Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chad Dandar (Cisco Systems), Chris Clements (Google), Chya-Hung Tsai (TWCA), Clemens Wanko (ACAB Council), Clint Wilson (Apple), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dmitry Sharkov (Sectigo), Dustin Hollenback (Microsoft), Edwin Zhai (TrustAsia), Enrico Entschew (D-TRUST), Eric Hampshire (Cisco Systems), Fumiaki Ono (SECOM), Han Yong Park (NAVER Cloud Trust Services), Hans Metsoja (Opera), Hao-Chun Li (TWCA), Hazhar Ismail (MSC Trustgate Sdn Bhd), Henry Birge-Lee (Henry Birge-Lee (Private person)), Hideki Kobayashi (KPMG Japan), Hiroki Katsube (JPRS), Hisashi Kamo (SECOM Trust Systems), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Iori Kondo (Cybertrust Japan), JP Hamilton (Cisco), Jaime Hablutzel (OISTE Foundation), Jeff Ward (Aprio), Jeremy Rowley (DigiCert), Ji Eun Seong (MOIS (Ministry of Interior and Safety) of the republic of Korea), Jinhwan Shin (Deloitte Korea), Joanna Zhu (TrustAsia), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Karina Goodley (Microsoft), Kate Xu (TrustAsia), Kenji Nakada (JPRS), Kenji Urushima (GlobalSign), Lila Dubko (CPA Canada/WebTrust), Leo Grove (SSL.com), Li-Chun Chen (Chunghwa Telecom), Llew Curran (GoDaddy), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Mats Rosberg (Keyfactor), Matthias Wiedenhorst (ACAB Council), Michael Malinowski (Certum), Michael Slaughter (Amazon), Mitsuyoshi Tamura (Cybertrust Japan), Nate Smith (GoDaddy), Naveen Kumar (eMudhra), Nick France (Sectigo), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Puja Sehgal (Microsoft), Rebecca Kelly (SSL.com), Renne Rodriguez (Apple), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Russ Housley (Vigil Security), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stefan Kirch (Telekom Security, invited guest), Stephen Davidson (DigiCert), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Takashi Sawada (Secom), Taro Momosaki (Toyota Tsusho, invited guest), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Vinay Kumar (OATI), Wayne Thayer (Fastly), Xiu Lei (GDCA), Yamian Quintero (Microsoft), Yannick Thomassier (Certinomis), YeongHo Lee (Deloitte Korea), Yumo Makino (Toyota Tsusho, invited guest), Zurina Zolkaffly (MSC Trustgate)