Minutes for CA/B Forum Plenary Teleconference 2025-11-06

Roll call

Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Alvin Wang (SHECA), Antti Backman (Telia Company), Ben Wilson (Mozilla), Chris Clements (Google), Clint Wilson (Apple), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Gurleen Grewal (Google), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Jeanette Snook (Visa), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Masaru Sakamoto (Cybertrust Japan), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Sean Huang (TWCA), Stephen Davidson (DigiCert), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority).

Antitrust statement

The Notewell was read at the server certificate WG.

Approval of previous meetings

• April 10, 2025 Dean explained that these minutes were not drafted and the recording has been deleted due to the default retention period setting. There will be no minutes. Roman proposed to post a message to the mailing list that there are no minutes, and also on the website.
• September 11, 2025 Approved
• September 25, 2025 Approved

Server Certificate WG

Dimitris gave an update from the last F2F

• Ben described Mozilla’s proposal for updating revocation reason codes.
• Ryan did a presentation about Technically Constrained subCAs and how rarely they are in the current ecosystem. He proposed removing those profiles for simplicity.
• Dimitris continued the conversation from the previous F2F meeting regarding a modified revocation timeline for CP/CPS discrepancies that are not in violation of the BRs.
• Finally, the WG discussed the upcoming ballots and spent significant time on the ADN clarification ballot. Several corner cases were discussed that will be in the minutes for Members to analyze, and then follow-up discussions can take place on the public mailing list. There is an alternative proposal by Let’s Encrypt to be discussed https://github.com/cabforum/servercert/pull/627.

Validation Subcommittee No update.

Code Signing WG

Tom gave the update.

Nate is still reaching out to Karina regarding OCSP concerns from Microsoft.

WG Members are encouraged to reach out to anti malware vendors for discussions on certificate information that can assist malware detection.

The WG is also considering replacing the JoI field with an organization identifier like the LEI or similar.

There is also work regarding PQC code signing.

The group is also considering moving the meeting once every month.

S/MIME WG

Stephen gave the update

The S/MIME WG has been working on a draft to rely on Mobile Driver’s License for personal identity validation. Soon be bringing a ballot on that. Could be used in other CABF standards.

A number of ballots pending relating to reduction of Domain vetting in the TLS BRs. They are incorporated by reference for Enterprise RA and S/MIME Certificate validations. Discuss if this is a potential issue and the general sentiment is that it is not an issue. The DNS method is the most frequently used so no objections raised so far.

NetSec WG

Met on Tuesday. D-Trust joined as a new member, following up from the F2F discussed about a summit to re-write the NetSec. Miguel will draft a proposal to share.

Definitions and Glossary Working Group

No update

Forum Infrastructure Subcommittee

No update

Intellectual Property Rights Subcommittee

No update. It can be removed from the agenda. The subcommittee still has work to do but will not be meeting.

Any Other business

Reduction of F2F frequency

Dean proposed having 2 F2F meetings a year, eliminate the summer meeting which is closest to the spring meeting. There is a lot of administrative overhead and preparation work.

Dimitris proposed 2 all-hands meetings but keep the third option for 1 or 2-day meeting on special topics. For example, a NetSec summit or a SCWG special meeting to work on specific open issues, drafting language to address issues that are otherwise stale.

For large group meetings, the plan should be announced 6-8 months in advance. For smaller groups, it would be easier to host with a shorter notice.

Tom with regards to New York, ask GTS to be the last F2F meeting because they may have done preparations already. According to Dean, GTS has not done any preparations and could probably cancel the meeting.

Chris: From a planning perspective, proceed with 2 a year and stand up summits like in the past.

Next call

Next scheduled call is on November 10, 2025.

Meeting adjourned.