CA/Browser Forum
Home » All CA/Browser Forum Posts » 2025-07-10 Minutes of the Code Signing Certificate Working Group

2025-07-10 Minutes of the Code Signing Certificate Working Group

Code Signing Certificate Working Group Meeting Minutes – July 10th, 2025

Note Well

The Note Well was read.

Review of Agenda

Agenda reviewed and accepted without changes.

Approval of Minutes

  • 29 May minutes: Approved.

Discussion Topics

CSC-XX – Reduction of Validity Period

  • Karina (Microsoft) provided a status update confirming collaboration with Nate (Microsoft).
  • Ballot proposal expected to be distributed within the next one to two weeks.

CSC-30 – Aligning CSCWG BRs with Recent SCWG Ballot

  • Corey summarized the previous ballot’s failure due to concerns from Microsoft regarding:
    • Immediate effective dates for weak key checking.
    • Multiple normative changes bundled into one ballot.
    • OCSP-related concerns.
  • Karina clarified Microsoft’s position:
    • Linting requirement acceptable.
    • Immediate effective date for weak keys problematic; future effective date acceptable.
    • OCSP concerns remain.
  • Corey proposed retaining the ballot as a single ballot to simplify administration. Karina agreed.
  • Microsoft committed to providing detailed feedback on specific concerns before the next meeting.
  • Nate (Microsoft) and Karina will prepare updates by end of next week.

Any Other Business

  • Nate (Microsoft) requested clarification about GitHub PR procedures for ballot proposals. Guidance provided by Corey and Tim on targeting the CAB Forum repository directly.
  • Discussed ballot prioritization; agreed that the validity period ballot is higher priority due to readiness.

Next Meeting

July 24th

Attendees

Adriano Santoni (Actalis S.p.A.), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Inaba Atsushi (GlobalSign), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Luis Cervantes (SSL.com), Marco Schambach (IdenTrust), Nate Santiago (Microsoft), Nome Huang (TrustAsia), Rebecca Kelly (SSL.com), Scott Rea (eMudhra), Thomas Zermeno (SSL.com), Tim Hollebeek (DigiCert), Yateesh Bhardwaj (GlobalSign)

Latest releases
Server Certificate Requirements
SC095v3: Clean-up 2025 - Apr 2, 2026

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.13 - Ballot SMC015v2 - Mar 28, 2026

This ballot introduces requirements that a CA or RA must follow to rely upon a Mobile Drivers License (mDL) to provide evidence for the authentication of individual identity. It allows the use of mDL that conform to ISO/IEC 18013-5 and which may be verified by the CA or RA in conformance with ISO/IEC 18013-7. The CA or RA shall only accept mDL from an Issuing Authority that is legally authorized by the relevant government or jurisdiction to issue driving licenses. The draft also aligns the subsections of 3.2.4.2 (Validation of individual identity) to correspond more closely with those in 3.2.4.1 (Attribute collection of individual identity). It also includes minor editorial corrections. SMC015v2 was updated to remove an additional reference to the superceded ETSI EN 319 403. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Scott Rea (eMudhra).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Related posts
Tags
Code Signing Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).