CA/Browser Forum posts
Ballot SMC012: Introduce ACME for S/MIME
May 19, 2025 by Stephen DavidsoonBallot SMC012: Introduce ACME for S/MIME Summary: This ballot introduces a new method for validation of mailbox control, using ACME for S/MIME as defined in RFC 8823: Extensions to Automatic Certificate Management Environment for End-User S/MIME Certificates. Although similar to the existing method (3.2.2.2) “Validating control over mailbox via email”, ACME for S/MIME has been defined in a new method in order to better describe how a CA’s ACME server may respond to a POST request by sending the Random Value token components via email and SMTP.
May 19, 2025 by Stephen DavidsoonBallot SMC012: Introduce ACME for S/MIME Summary: This ballot introduces a new method for validation of mailbox control, using ACME for S/MIME as defined in RFC 8823: Extensions to Automatic Certificate Management Environment for End-User S/MIME Certificates. Although similar to the existing method (3.2.2.2) “Validating control over mailbox via email”, ACME for S/MIME has been defined in a new method in order to better describe how a CA’s ACME server may respond to a POST request by sending the Random Value token components via email and SMTP.
2025-05-08 Minutes of the Forum
May 8, 2025 by CA/B Forum and Server Certificate WG Teleconference - 2025-05-08Meeting Title: CA/Browser Forum Date: 8 May 2025 Chair: Dean Coclin Minutes Taken By: Wayne Thayer 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin; recording in process. 2. Note-well Note-well has already been read. 3. Review Agenda No changes to the agenda. 4. Approval of Minutes April 10th (Trev) - these are still pending. April 24th (Thomas) - have been posted to the management list; minutes approved. F2F#64 - minutes approved. 5. Server Certificate Working Group update (Dimitris) SCWG Discussed recent comments on SC081; no action needed. Discussion on ability to lock comments on PRs and request to Infrastructure SC to standardize. Ballots were discussed. Validation Subcommittee Corey reported focus on SC085 (DNSSEC ballot) and technical details/effective dates. Also discussed SC082 redux and new validation method by Michael Slaughter. Ongoing PR discussion on GitHub. 6. Code Signing Certificate Working Group update (Martijn) No call was held; no updates. 7. S/MIME Certificate Working Group update (Stephen) Discussed ACME for S/MIME ballot. Discussed tagging of pseudonyms in common names to prevent confusion. Broader discussion on adopting the detailed Section 7 structure of the TLS BRs. SMC011 exits IPR on May 14. 8. NetSec Working Group update (Clint) Discussion of NS008 and section 2.2.6 remote connections language. Potential confusion with “access to CA infrastructure” for customer portals. Proposed new term: “privileged access” to clarify. Ballot updated to version 3 and discussion period restarted. Aiming to move to voting on May 14th. 9. Definitions and Glossary Working Group (Tim C.) No update. 10. Forum Infrastructure Subcommittee update (Jos) Reviewed GitHub ‘restrict comments’ setting—agreed to use and document in CLA/readme. Ben’s meeting minutes template added to wiki; plan to test with AI transcription. Suggestion: chairs should clearly call out agenda sections for AI alignment. Concern raised by Wayne: restricting comments may drive demand for write access. Jos: propose self-service update via membership-tools record. 11. Intellectual Property Rights Subcommittee (Ben) Next meeting scheduled for May 15* 12. Bylaws Changes (Ben - Dimitris) No recent progress. Rebecca Kelley to collaborate with Ben. 13. Any Other Business Toronto Face-to-Face meeting approaching. In-person attendance deadline has passed. Reminder to book hotels. Aaron drafted a bylaws update ballot to allow WG chairs to convert relative effective dates to concrete dates post-ballot. Planning to begin discussion period. 14. Next Call May 22, 2025 15. Adjourn Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (Aprio), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Ryan Dickson (Google), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
May 8, 2025 by CA/B Forum and Server Certificate WG Teleconference - 2025-05-08Meeting Title: CA/Browser Forum Date: 8 May 2025 Chair: Dean Coclin Minutes Taken By: Wayne Thayer 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin; recording in process. 2. Note-well Note-well has already been read. 3. Review Agenda No changes to the agenda. 4. Approval of Minutes April 10th (Trev) - these are still pending. April 24th (Thomas) - have been posted to the management list; minutes approved. F2F#64 - minutes approved. 5. Server Certificate Working Group update (Dimitris) SCWG Discussed recent comments on SC081; no action needed. Discussion on ability to lock comments on PRs and request to Infrastructure SC to standardize. Ballots were discussed. Validation Subcommittee Corey reported focus on SC085 (DNSSEC ballot) and technical details/effective dates. Also discussed SC082 redux and new validation method by Michael Slaughter. Ongoing PR discussion on GitHub. 6. Code Signing Certificate Working Group update (Martijn) No call was held; no updates. 7. S/MIME Certificate Working Group update (Stephen) Discussed ACME for S/MIME ballot. Discussed tagging of pseudonyms in common names to prevent confusion. Broader discussion on adopting the detailed Section 7 structure of the TLS BRs. SMC011 exits IPR on May 14. 8. NetSec Working Group update (Clint) Discussion of NS008 and section 2.2.6 remote connections language. Potential confusion with “access to CA infrastructure” for customer portals. Proposed new term: “privileged access” to clarify. Ballot updated to version 3 and discussion period restarted. Aiming to move to voting on May 14th. 9. Definitions and Glossary Working Group (Tim C.) No update. 10. Forum Infrastructure Subcommittee update (Jos) Reviewed GitHub ‘restrict comments’ setting—agreed to use and document in CLA/readme. Ben’s meeting minutes template added to wiki; plan to test with AI transcription. Suggestion: chairs should clearly call out agenda sections for AI alignment. Concern raised by Wayne: restricting comments may drive demand for write access. Jos: propose self-service update via membership-tools record. 11. Intellectual Property Rights Subcommittee (Ben) Next meeting scheduled for May 15* 12. Bylaws Changes (Ben - Dimitris) No recent progress. Rebecca Kelley to collaborate with Ben. 13. Any Other Business Toronto Face-to-Face meeting approaching. In-person attendance deadline has passed. Reminder to book hotels. Aaron drafted a bylaws update ballot to allow WG chairs to convert relative effective dates to concrete dates post-ballot. Planning to begin discussion period. 14. Next Call May 22, 2025 15. Adjourn Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (Aprio), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Ryan Dickson (Google), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
2025-05-07 Minutes of the S/MIME Certificate Working Group
May 7, 2025 by Minutes of SMCWG May 7, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
May 7, 2025 by Minutes of SMCWG May 7, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
2025-04-24 Minutes of the Forum
April 24, 2025 by Roll Call and Housekeeping Meeting called to order by Dean; recording in process Roll taken by recording Note-well Note-well has already been read Review Agenda Begin Recording - Roll Call Read note-well Review of Agenda Approval of minutes: April 10th and F2F. Server Certificate Working Group update (Dimitris) Code Signing Certificate Working Group update (Martijn) S/MIME Certificate Working Group update (Stephen) NetSec Working Group update (Clint) Definitions and Glossary Working Group (Tim H.) Forum Infrastructure Subcommittee update (Jos) Intellectual Property Rights Subcommittee (Ben) Bylaws changes (Ben - Dimitris) Any Other Business Next call: May 8, 2025 Adjourn Approval of Minutes No minutes for 2024-04-10 Minutes from the F2F: Ryan asked for more time to review - deferred to next meeting. Draft minutes and presentations from F2F are available on Wiki Server Certificate Working Group update (Dimitris) SCWG
April 24, 2025 by Roll Call and Housekeeping Meeting called to order by Dean; recording in process Roll taken by recording Note-well Note-well has already been read Review Agenda Begin Recording - Roll Call Read note-well Review of Agenda Approval of minutes: April 10th and F2F. Server Certificate Working Group update (Dimitris) Code Signing Certificate Working Group update (Martijn) S/MIME Certificate Working Group update (Stephen) NetSec Working Group update (Clint) Definitions and Glossary Working Group (Tim H.) Forum Infrastructure Subcommittee update (Jos) Intellectual Property Rights Subcommittee (Ben) Bylaws changes (Ben - Dimitris) Any Other Business Next call: May 8, 2025 Adjourn Approval of Minutes No minutes for 2024-04-10 Minutes from the F2F: Ryan asked for more time to review - deferred to next meeting. Draft minutes and presentations from F2F are available on Wiki Server Certificate Working Group update (Dimitris) SCWG
2025-04-24 Minutes of the Server Certificate Working Group
April 24, 2025 by Wayne Thayer1. Roll Call and Housekeeping Meeting called to order by Dimitris Zacharopoulos. Tom to take minutes; recording sent to him. Attendees: Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Gregory Tomko (GlobalSign), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Janet Hines (VikingCloud), Jeanette Snook (Visa), Ji Eun Seong (MOIS (Ministry of Interior and Safety) of the republic of Korea), Johnny Reading (GoDaddy), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lilia Dubko (CPA Canada/WebTrust), Llew Curran (GoDaddy), Lucy Buecking (IdenTrust), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Michelle Coon (OATI), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rollin Yu (TrustAsia), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sissel Hoel (Buypass AS), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tim Callan (Sectigo), Tobias Josefowitz (Opera Software AS), Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft).
April 24, 2025 by Wayne Thayer1. Roll Call and Housekeeping Meeting called to order by Dimitris Zacharopoulos. Tom to take minutes; recording sent to him. Attendees: Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Gregory Tomko (GlobalSign), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Janet Hines (VikingCloud), Jeanette Snook (Visa), Ji Eun Seong (MOIS (Ministry of Interior and Safety) of the republic of Korea), Johnny Reading (GoDaddy), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lilia Dubko (CPA Canada/WebTrust), Llew Curran (GoDaddy), Lucy Buecking (IdenTrust), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Michelle Coon (OATI), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rollin Yu (TrustAsia), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sissel Hoel (Buypass AS), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tim Callan (Sectigo), Tobias Josefowitz (Opera Software AS), Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft).
2025-04-23 Minutes of the S/MIME Certificate Working Group
April 23, 2025 by Minutes of SMCWG April 23, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
April 23, 2025 by Minutes of SMCWG April 23, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
2025-04-17 Minutes of the Code Signing Certificate Working Group
April 17, 2025 by Minutes of CSCWG April 17, 2025 These are the approved minutes of the CSCWG meeting of April 17th, 2025 as prepared by Martijn Katerbarg
April 17, 2025 by Minutes of CSCWG April 17, 2025 These are the approved minutes of the CSCWG meeting of April 17th, 2025 as prepared by Martijn Katerbarg
Ballot SC081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods
April 11, 2025 by Wayne ThayerVoting Results Certificate Issuers 30 votes in total:
April 11, 2025 by Wayne ThayerVoting Results Certificate Issuers 30 votes in total:
2025-04-09 Minutes of the S/MIME Certificate Working Group
April 9, 2025 by Martijn KaterbargMinutes of SMCWG April 9, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
April 9, 2025 by Martijn KaterbargMinutes of SMCWG April 9, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
Ballot SMC011 - Add EUID as Registration Reference
March 31, 2025 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC011 (Add EUID as Registration Reference) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of May 14, 2025. The new S/MIME BR v.1.0.9 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.9.pdf IPR Review of Ballot SMC011: Add EUID as Registration Reference This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This 30-day Review Period is for the Final Maintenance Guideline that is attached to this Review Notice.
March 31, 2025 by Stephen DavidsonThe Intellectual Property Review (IPR) period for Ballot SMC011 (Add EUID as Registration Reference) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of May 14, 2025. The new S/MIME BR v.1.0.9 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.9.pdf IPR Review of Ballot SMC011: Add EUID as Registration Reference This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This 30-day Review Period is for the Final Maintenance Guideline that is attached to this Review Notice.