CA/B Forum and Server Certificate WG Teleconference - 2025-05-08

Meeting Title: CA/Browser Forum
Date: 8 May 2025
Chair: Dean Coclin
Minutes Taken By: Wayne Thayer

1. Roll Call and Housekeeping

• Meeting called to order by Dean Coclin; recording in process.

2. Note-well

• Note-well has already been read.

3. Review Agenda

• No changes to the agenda.

4. Approval of Minutes

• April 10th (Trev) - these are still pending.
• April 24th (Thomas) - have been posted to the management list; minutes approved.
• F2F#64 - minutes approved.

5. Server Certificate Working Group update (Dimitris)

SCWG

• Discussed recent comments on SC081; no action needed.
• Discussion on ability to lock comments on PRs and request to Infrastructure SC to standardize.
• Ballots were discussed.

Validation Subcommittee

• Corey reported focus on SC085 (DNSSEC ballot) and technical details/effective dates.
• Also discussed SC082 redux and new validation method by Michael Slaughter.
• Ongoing PR discussion on GitHub.

6. Code Signing Certificate Working Group update (Martijn)

• No call was held; no updates.

7. S/MIME Certificate Working Group update (Stephen)

• Discussed ACME for S/MIME ballot.
• Discussed tagging of pseudonyms in common names to prevent confusion.
• Broader discussion on adopting the detailed Section 7 structure of the TLS BRs.
• SMC011 exits IPR on May 14.

8. NetSec Working Group update (Clint)

• Discussion of NS008 and section 2.2.6 remote connections language.
• Potential confusion with “access to CA infrastructure” for customer portals.
• Proposed new term: “privileged access” to clarify.
• Ballot updated to version 3 and discussion period restarted.
• Aiming to move to voting on May 14th.

9. Definitions and Glossary Working Group (Tim C.)

• No update.

10. Forum Infrastructure Subcommittee update (Jos)

• Reviewed GitHub ‘restrict comments’ setting—agreed to use and document in CLA/readme.
• Ben’s meeting minutes template added to wiki; plan to test with AI transcription.
• Suggestion: chairs should clearly call out agenda sections for AI alignment.
• Concern raised by Wayne: restricting comments may drive demand for write access.
• Jos: propose self-service update via membership-tools record.

11. Intellectual Property Rights Subcommittee (Ben)

• Next meeting scheduled for May 15*

12. Bylaws Changes (Ben - Dimitris)

• No recent progress.
• Rebecca Kelley to collaborate with Ben.

13. Any Other Business

• Toronto Face-to-Face meeting approaching. In-person attendance deadline has passed.
• Reminder to book hotels.
• Aaron drafted a bylaws update ballot to allow WG chairs to convert relative effective dates to concrete dates post-ballot. Planning to begin discussion period.

14. Next Call

• May 22, 2025

15. Adjourn

Attendees

Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (Aprio), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Ryan Dickson (Google), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)