CA/Browser Forum posts
Ballot SC0101v2: Clarify Authorization Domain Names
July 1, 2026 by Voting Results Certificate Issuers 27 votes in total:
July 1, 2026 by Voting Results Certificate Issuers 27 votes in total:
2026-06-18 Minutes of the Forum
June 18, 2026 by Minutes: CA/B Forum plenary Meeting - June 18, 2026 1. Roll Call – from recording 2. Read note-well The note-well was read by Dimitris in prior session.
June 18, 2026 by Minutes: CA/B Forum plenary Meeting - June 18, 2026 1. Roll Call – from recording 2. Read note-well The note-well was read by Dimitris in prior session.
2026-06-18 Minutes of the Server Certificate Working Group
June 18, 2026 by Wayne ThayerMinutes: Roll Call – from recording We also had the following persons present: Naresh Charugundla (Microsoft), Rajeev Mohindra (Microsoft), Logan Mabe (Microsoft) who were not registered in the Member’s tool. Read note-well The note-well was read by Dimitris. Review of Agenda The Agenda as provided on list prior to the call (see above). Minutes June 4, 2026 (Draft minutes were distributed on 2026-06-16) – are Approved Membership Applications No current Applications to review. Ballot Status SC101v2 (https://github.com/cabforum/servercert/pull/627) Clarify Authorization Domain Names (Aaron Gable) Ballot moved to V2 with substantive change being effective date in 3.2.2.5.3. A couple of other editorial updates also. Expected to go to discussion period tomorrow.
June 18, 2026 by Wayne ThayerMinutes: Roll Call – from recording We also had the following persons present: Naresh Charugundla (Microsoft), Rajeev Mohindra (Microsoft), Logan Mabe (Microsoft) who were not registered in the Member’s tool. Read note-well The note-well was read by Dimitris. Review of Agenda The Agenda as provided on list prior to the call (see above). Minutes June 4, 2026 (Draft minutes were distributed on 2026-06-16) – are Approved Membership Applications No current Applications to review. Ballot Status SC101v2 (https://github.com/cabforum/servercert/pull/627) Clarify Authorization Domain Names (Aaron Gable) Ballot moved to V2 with substantive change being effective date in 3.2.2.5.3. A couple of other editorial updates also. Expected to go to discussion period tomorrow.
2026-06-17 Minutes of the S/MIME Certificate Working Group
June 17, 2026 by Minutes of SMCWG June 17, 2026 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
June 17, 2026 by Minutes of SMCWG June 17, 2026 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
Ballot CSC-32: Make a Reserved Policy OID mandatory
June 16, 2026 by The Intellectual Property Review (IPR) period for Ballot CSC-32 (Ballot CSC-32: Make a Reserved Policy OID mandatory) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of November 17, 2025. The new CSC BRs v3.10.0 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-CSCBR-3.11.0.pdf IPR Review of Ballot CSC-32: Make a Reserved Policy OID mandatory This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice is attached to this email.
June 16, 2026 by The Intellectual Property Review (IPR) period for Ballot CSC-32 (Ballot CSC-32: Make a Reserved Policy OID mandatory) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of November 17, 2025. The new CSC BRs v3.10.0 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-CSCBR-3.11.0.pdf IPR Review of Ballot CSC-32: Make a Reserved Policy OID mandatory This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice is attached to this email.
Ballot SMC017v2: Increase Minimum RSA CA Key Size
June 16, 2026 by Stephen Davidson[IPR Review] Ballot SMC017v2: Increase Minimum RSA CA Key SizeThis Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.4). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice may be found at https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.15-Redline.pdf. Summary of Review Ballot for Review: Ballot SMC017v2: Increase Minimum RSA CA Key Size
June 16, 2026 by Stephen Davidson[IPR Review] Ballot SMC017v2: Increase Minimum RSA CA Key SizeThis Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.4). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice may be found at https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.15-Redline.pdf. Summary of Review Ballot for Review: Ballot SMC017v2: Increase Minimum RSA CA Key Size
2026-06-04 Minutes of the Forum
June 4, 2026 by Minutes: Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (SSL.com), Adam Folson (IdenTrust), Adriano Santoni (Actalis S.p.A.), Alexandros Afentoulis (HARICA), Alvin Wang (SHECA), Andrea Holland (IdenTrust), Antti Backman (Telia Company), Arman Asemani (Apple), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Cynethia Brown (US Federal PKI Management Authority), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Eamon Zhang (TrustAsia), Eleftheria Theologou (HARICA), Enrico Entschew (D-TRUST), Eric Hampshire (Cisco Systems), Georgy Sebastian (Amazon), Grace Cimaszewski (Grace Cimaszewski (Private Person)), Gregory Tomko (GlobalSign), Gurleen Grewal (Google), Hazhar Ismail (MSC Trustgate Sdn Bhd), Henry Birge-Lee (Henry Birge-Lee (Private person)), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jan Smith (US Federal PKI Management Authority), Jinhwan Shin (CPA Canada/WebTrust), Joe DeBlasio (Google), John Mason (Microsoft), Johnny Reading (GoDaddy), Joseph Cigin (Joseph Cigin (Private Person)), Jos Purvis (Fastly), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kiran Tummala (Apple), Li-Chun Chen (Chunghwa Telecom), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mads Henriksveen (Buypass AS), Mahua Chaudhuri (Microsoft), Marijn Nagelkerke (360 Browser), Mark Gamache (Mark Gamache (Private Person)), Mark Nelson (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Masatoshi Shigaki (CPA Canada/WebTrust), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nate Smith (GoDaddy), Nick France (Sectigo), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Paul van Brouwershaven (Entrust), Paul van Brouwershaven (Digitorus), Pekka Lahtiharju (Telia Company), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rob Brady (SGNR, LLC), Rob Stradling (Sectigo), Rob White (GoDaddy), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Sándor Szőke (Microsec), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Connelly (US Federal PKI Management Authority), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tim Crawford (CPA Canada/WebTrust), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tsung-Min Kuo (Chunghwa Telecom), Vikas Khanna (Microsoft), Vinay Kumar (OATI), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Zhao Kuisen (NovaVanguard Technology Co., Ltd.)
June 4, 2026 by Minutes: Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (SSL.com), Adam Folson (IdenTrust), Adriano Santoni (Actalis S.p.A.), Alexandros Afentoulis (HARICA), Alvin Wang (SHECA), Andrea Holland (IdenTrust), Antti Backman (Telia Company), Arman Asemani (Apple), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Cynethia Brown (US Federal PKI Management Authority), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Eamon Zhang (TrustAsia), Eleftheria Theologou (HARICA), Enrico Entschew (D-TRUST), Eric Hampshire (Cisco Systems), Georgy Sebastian (Amazon), Grace Cimaszewski (Grace Cimaszewski (Private Person)), Gregory Tomko (GlobalSign), Gurleen Grewal (Google), Hazhar Ismail (MSC Trustgate Sdn Bhd), Henry Birge-Lee (Henry Birge-Lee (Private person)), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jan Smith (US Federal PKI Management Authority), Jinhwan Shin (CPA Canada/WebTrust), Joe DeBlasio (Google), John Mason (Microsoft), Johnny Reading (GoDaddy), Joseph Cigin (Joseph Cigin (Private Person)), Jos Purvis (Fastly), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kiran Tummala (Apple), Li-Chun Chen (Chunghwa Telecom), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mads Henriksveen (Buypass AS), Mahua Chaudhuri (Microsoft), Marijn Nagelkerke (360 Browser), Mark Gamache (Mark Gamache (Private Person)), Mark Nelson (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Masatoshi Shigaki (CPA Canada/WebTrust), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nate Smith (GoDaddy), Nick France (Sectigo), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Paul van Brouwershaven (Entrust), Paul van Brouwershaven (Digitorus), Pekka Lahtiharju (Telia Company), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rob Brady (SGNR, LLC), Rob Stradling (Sectigo), Rob White (GoDaddy), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Sándor Szőke (Microsec), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Connelly (US Federal PKI Management Authority), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tim Crawford (CPA Canada/WebTrust), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tsung-Min Kuo (Chunghwa Telecom), Vikas Khanna (Microsoft), Vinay Kumar (OATI), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Zhao Kuisen (NovaVanguard Technology Co., Ltd.)
2026-06-04 Minutes of the Server Certificate Working Group
June 4, 2026 by Wayne ThayerMinutes: Dimitris leading the meeting and taking minutes Dimitris read the note-well. No changes were requested for the agenda. Minutes approval May 21, 2026 - these minutes were distributed on 2026-05-21. The minutes were approved. Next call: June 18, 2026 Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (SSL.com), Adam Folson (IdenTrust), Adriano Santoni (Actalis S.p.A.), Alexandros Afentoulis (HARICA), Alvin Wang (SHECA), Andrea Holland (IdenTrust), Antti Backman (Telia Company), Arman Asemani (Apple), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Cynethia Brown (US Federal PKI Management Authority), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Eamon Zhang (TrustAsia), Eleftheria Theologou (HARICA), Enrico Entschew (D-TRUST), Eric Hampshire (Cisco Systems), Georgy Sebastian (Amazon), Grace Cimaszewski (Grace Cimaszewski (Private Person)), Gregory Tomko (GlobalSign), Gurleen Grewal (Google), Hazhar Ismail (MSC Trustgate Sdn Bhd), Henry Birge-Lee (Henry Birge-Lee (Private person)), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jan Smith (US Federal PKI Management Authority), Jinhwan Shin (CPA Canada/WebTrust), Joe DeBlasio (Google), John Mason (Microsoft), Johnny Reading (GoDaddy), Joseph Cigin (Joseph Cigin (Private Person)), Jos Purvis (Fastly), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kiran Tummala (Apple), Li-Chun Chen (Chunghwa Telecom), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mads Henriksveen (Buypass AS), Mahua Chaudhuri (Microsoft), Marijn Nagelkerke (360 Browser), Mark Gamache (Mark Gamache (Private Person)), Mark Nelson (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Masatoshi Shigaki (CPA Canada/WebTrust), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nate Smith (GoDaddy), Nick France (Sectigo), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Paul van Brouwershaven (Entrust), Paul van Brouwershaven (Digitorus), Pekka Lahtiharju (Telia Company), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rob Brady (SGNR, LLC), Rob Stradling (Sectigo), Rob White (GoDaddy), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Sándor Szőke (Microsec), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Connelly (US Federal PKI Management Authority), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tim Crawford (CPA Canada/WebTrust), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tsung-Min Kuo (Chunghwa Telecom), Vikas Khanna (Microsoft), Vinay Kumar (OATI), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Zhao Kuisen (NovaVanguard Technology Co., Ltd.).
June 4, 2026 by Wayne ThayerMinutes: Dimitris leading the meeting and taking minutes Dimitris read the note-well. No changes were requested for the agenda. Minutes approval May 21, 2026 - these minutes were distributed on 2026-05-21. The minutes were approved. Next call: June 18, 2026 Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (SSL.com), Adam Folson (IdenTrust), Adriano Santoni (Actalis S.p.A.), Alexandros Afentoulis (HARICA), Alvin Wang (SHECA), Andrea Holland (IdenTrust), Antti Backman (Telia Company), Arman Asemani (Apple), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Cynethia Brown (US Federal PKI Management Authority), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Eamon Zhang (TrustAsia), Eleftheria Theologou (HARICA), Enrico Entschew (D-TRUST), Eric Hampshire (Cisco Systems), Georgy Sebastian (Amazon), Grace Cimaszewski (Grace Cimaszewski (Private Person)), Gregory Tomko (GlobalSign), Gurleen Grewal (Google), Hazhar Ismail (MSC Trustgate Sdn Bhd), Henry Birge-Lee (Henry Birge-Lee (Private person)), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jan Smith (US Federal PKI Management Authority), Jinhwan Shin (CPA Canada/WebTrust), Joe DeBlasio (Google), John Mason (Microsoft), Johnny Reading (GoDaddy), Joseph Cigin (Joseph Cigin (Private Person)), Jos Purvis (Fastly), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kiran Tummala (Apple), Li-Chun Chen (Chunghwa Telecom), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mads Henriksveen (Buypass AS), Mahua Chaudhuri (Microsoft), Marijn Nagelkerke (360 Browser), Mark Gamache (Mark Gamache (Private Person)), Mark Nelson (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Masatoshi Shigaki (CPA Canada/WebTrust), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nate Smith (GoDaddy), Nick France (Sectigo), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Paul van Brouwershaven (Entrust), Paul van Brouwershaven (Digitorus), Pekka Lahtiharju (Telia Company), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rob Brady (SGNR, LLC), Rob Stradling (Sectigo), Rob White (GoDaddy), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Sándor Szőke (Microsec), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Connelly (US Federal PKI Management Authority), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tim Crawford (CPA Canada/WebTrust), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tsung-Min Kuo (Chunghwa Telecom), Vikas Khanna (Microsoft), Vinay Kumar (OATI), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Zhao Kuisen (NovaVanguard Technology Co., Ltd.).
2026-06-03 Minutes of the S/MIME Certificate Working Group
June 3, 2026 by Minutes of SMCWG June 3, 2026 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
June 3, 2026 by Minutes of SMCWG June 3, 2026 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
Ballot SC087v2: Registration Number Improvement for EV Certificates
June 3, 2026 by Voting Results Certificate Issuers 18 votes in total:
June 3, 2026 by Voting Results Certificate Issuers 18 votes in total: