CA/Browser Forum
Home » All CA/Browser Forum Posts » 2026-02-12 Minutes of the Forum

2026-02-12 Minutes of the Forum

Minutes:

CA/B Forum plenary Meeting - February 12, 2026

Notes by: Janet Hines (VikingCloud)

Attendees

  • Adam Folson (IdenTrust)
  • Adriano Santoni (Actalis S.p.A.)
  • Antti Backman (Telia Company)
  • Ben Wilson (Mozilla)
  • Chris Clements (Google)
  • Clint Wilson (Apple)
  • Corey Bonnell (DigiCert)
  • Corey Rasmussen (OATI)
  • Daryn Wright (Apple)
  • Dean Coclin (DigiCert)
  • Dimitris Zacharopoulos (HARICA)
  • Dustin Hollenback (Apple)
  • Enrico Entschew (D-TRUST)
  • Eric Kramer (Sectigo)
  • Gurleen Grewal (Google)
  • Hazhar Ismail (MSC Trustgate Sdn Bhd)
  • Inaba Atsushi (GlobalSign)
  • Iñigo Barreira (Sectigo)
  • Janet Hines (VikingCloud)
  • Jeanette Snook (Visa)
  • Jeff Ward (CPA Canada/WebTrust)
  • Johnny Reading (GoDaddy)
  • Jos Purvis (Fastly)
  • Julie Olson (GlobalSign)
  • Jun Okura (Cybertrust Japan)
  • Karina Sirota (Microsoft)
  • Karolina Ruszczyńska (Asseco Data Systems SA (Certum))
  • Lilia Dubko (CPA Canada/WebTrust)
  • Lucy Buecking (IdenTrust)
  • Luis Cervantes (SSL.com)
  • Mahua Chaudhuri (Microsoft)
  • Marco Schambach (IdenTrust)
  • Martijn Katerbarg (Sectigo)
  • Masaru Sakamoto (Cybertrust Japan)
  • Michelle Coon (OATI)
  • Nate Smith (GoDaddy)
  • Nome Huang (TrustAsia)
  • Ono Fumiaki (SECOM Trust Systems)
  • Pedro Fuentes (OISTE Foundation)
  • Peter Miskovic (Disig)
  • Raffaela Achermann (SwissSign)
  • Rebecca Kelly (SSL.com)
  • Roman Fischer (SwissSign)
  • Ryan Dickson (Google)
  • Sándor Szőke (Microsec)
  • Sandy Balzer (SwissSign)
  • Scott Rea (eMudhra)
  • Sean Huang (TWCA)
  • Stephen Davidson (DigiCert)
  • Steven Deitte (GoDaddy)
  • Sven Rajala (Keyfactor)
  • Tadahiko Ito (SECOM Trust Systems)
  • Tathan Thacker (IdenTrust)
  • Tim Callan (Sectigo)
  • Tobias Josefowitz (Opera Software AS)
  • Trevoli Ponds-White (Amazon)
  • Wayne Thayer (Fastly)
  • Wendy Brown (US Federal PKI Management Authority)
  • Wiktoria Więckowska (Asseco Data Systems SA (Certum)).

Minutes

Begin Recording - Roll Call

  • Read note-well - Note-well read by Dimitris in the SCWG call

Review of Agenda

  • No changes

Approval of minutes

  • January 15, 2026 minutes were approved.
  • January 29, 2026 have yet to be distributed.

Server Certificate Working Group update (Dimitris)

  • General Ballot discussions
  • Cleanup ballot: It was decided to cancel voting process to fix an incorrect RFC reference.
  • Validation Working Group (Corey) - Had guest speaker - CAA parameters ballot (Wayne) - Needs a second endorser. - CAA Security Draft RFC at the IETF - Defines a new CAA record type called security - Domain owner wants to use only DCV methods that can be cryptographically verified. - ADN Improvement ballot (Aaron and Jacob) - Discussion around various scenarios where following CNAMEs may or may not be allowed. On mailing list for discussion.

Code Signing Certificate Working Group update (Martijn)

  • Migration to a single profile (OV and EV Code Signing)
  • Microsoft working on a proposal to remove the phone validation.

S/MIME Certificate Working Group update (Stephen)

  • SMC-015 - [Discussion Period] - Use of mobile driver’s license for automation of validation of identity and removal of outdated ETSI EN-319403. [EN-319403-1 was the replacement]
  • SMC-016 - Implement the TLS Ballots (DNSSEC logging removed out of scope and SHA-1 complete removal)
  • SMTP to SMTP authentication which is typically done by TLS clientAuth/serverAuth certificates. Trying to gather data on this situation’s impact to the email ecosystem. May add this to the F2F discussion.

NetSec Working Group update (Clint)

  • Discussion on an approach that Miguel had put together for using NIST framework with the controls to update the NetSec requirements.

Definitions and Glossary Working Group (Tim C.)

  • No update

Forum Infrastructure Subcommittee update (Jos)

  • Instructions for forms with QR to record the F2F in person attendance.
  • CLA and guidelines for GitHub contributions (Ben working on this)
  • Backlog grooming
  • Added a backlog item to do a full review of the website, put up a change in Git or pass along to a member of the committee.
  • One area is the About pages. Ben deleted out of date materials on some. Resources pages are out of date as well.
  • Going to a monthly meeting calendar.

Any Other Business

  • Please sign up for the F2F!
  • All groups should be thinking about their agenda for the F2F and place it in the wiki.
  • IPR Revision: Ben needs feedback via a straw poll. - New member comes in they have 45-days to file an exclusion notice on a draft guideline; but it is not clear about existing guidelines. - Question: Do we go with the vague existing policy of any guideline (existing and new) verses only draft guidelines - Should send to the legal folks to review this in the IPR subcommittee.
  • Add an IPR agenda item for the next few meetings.

Next call

Feb 26, 2026

Adjourn

Latest releases
Server Certificate Requirements
SC095v3: Clean-up 2025 - Apr 2, 2026

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.13 - Ballot SMC015v2 - Mar 28, 2026

This ballot introduces requirements that a CA or RA must follow to rely upon a Mobile Drivers License (mDL) to provide evidence for the authentication of individual identity. It allows the use of mDL that conform to ISO/IEC 18013-5 and which may be verified by the CA or RA in conformance with ISO/IEC 18013-7. The CA or RA shall only accept mDL from an Issuing Authority that is legally authorized by the relevant government or jurisdiction to issue driving licenses. The draft also aligns the subsections of 3.2.4.2 (Validation of individual identity) to correspond more closely with those in 3.2.4.1 (Attribute collection of individual identity). It also includes minor editorial corrections. SMC015v2 was updated to remove an additional reference to the superceded ETSI EN 319 403. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Scott Rea (eMudhra).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Related posts
Tags
Forum Minutes
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).