Minutes for CA/B Forum Plenary Teleconference 2025-11-06

Minutes

Meeting minutes for November 6th were approved. Dean said that the summer F2F meetings for the next few years have been cancelled.

Servercert WG update

Dimitris said that some members were approved. Ballot status was discussed during the meeting.

Validation SC update

Corey said that the entirety of the call was spent on the ADN ballot. Several improvements to the ballot were made because of the discussion. Dimitris said that there were several security concerns discussed as well and encouraged everyone to read the minutes when they are available.

Code Signing WG update

Martijn said that the 460-day validity period ballot has been finalized. Meeting cadence has changed to every four weeks.

S/MIME WG update

Stephen said there will be a ballot to allow the use of mobile drivers’ licenses for validation. There will also be a ballot to prevent email addresses from being used as pseudonyms and require the use of a tag in the common name if it contains a pseudonym. There will be further discussion on the uniqueness of pseudonyms next year. Stephen also said there is an effort to rewrite the certificate profiles to mirror the specificity and style of the TLS BR profiles. The December 3rd meeting will be held but the two meetings following that will be cancelled.

NetSec WG update

Clint said the discussion dealt with a proposal to rewrite the NCSSRs being led by Miguel.

Definitions + Glossary WG update

Dean said the group is awaiting a resource from Sectigo to move the group along.

Infrastructure SC

Jos said there was no meeting. Dean said it would be helpful if a solution for attendance gathering for F2F meetings is developed. Stephen agreed it is difficult to figure out attendance due to the presence of in-person, online, (or both) attendees. Jos said he will ask members whether the group will meet next week.

Other business

Emeritus Member Category

Dean said he circulated a proposal to create a Member Emeritus category. He said other standards groups have a similar category and it greatly helps those groups. Dean said that he received several private messages indicating support for this new category.

Wayne said if people who are retired are interested, perhaps they can help with the operation of the Forum. Dimitris said that the category would be useful to understand why the Bylaws are written the way they are. Aaron said he is supportive of this category. However, he said he is nervous about the selection criteria; the development of the criteria and its application is important to get right.

Dean said the details will need to be ironed out but wanted to gauge the Forum on the feasibility of the idea. Chris said that he thought this proposal was in response to the problem mentioned at the last SCWG meeting regarding the potential inequitable treatment of Interested Parties. Dean said that employment in the industry would disqualify membership in this category. Dimitris suggested we should look at the other groups’ criteria to see how we can create appropriate membership rules.

Scott said that there is a potential problem on measuring “significance” of the person to the Forum. The main factor should be future contribution potential.

Dean said he will incorporate this feedback and come back with a concrete proposal.

New IPR Agreement

Ben said he will propose a ballot for the updated IPR policy. It will require re-signing of the policy by all Members. Ben said that we need to establish a deadline by when all Members must sign. Dean said this is sometimes a challenge, so he suggested a long timeframe. Roman said no matter how much time is given, there will still be late signers. Dimitris said that members who does not timely sign can be suspended until they sign. Dean suggested July 1st as a potential date.

The next call will be on December 4th. Meeting adjourned.

Attendance

Aaron Gable (Let’s Encrypt), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Alvin Wang (SHECA), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Jeanette Snook (Visa), Jeff Ward (CPA Canada/WebTrust), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Lynn Jeun (Visa), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Paul van Brouwershaven (Entrust), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Sven Rajala (Keyfactor), Tathan Thacker (IdenTrust), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Wiktoria Więckowska (Asseco Data Systems SA (Certum)), Yamian Quintero (Microsoft)