CA/Browser Forum posts
Posts by tag Forum
2025-08-28 Minutes of the Forum
August 28, 2025 by CA/B Forum Teleconference - 2025-08-281. Roll Call For attendance, see Item 15 below. 2. Review of Agenda The agenda was reviewed. One additional item was added under Any Other Business: the notice from Buypass CA regarding the cessation of TLS issuance. 3. Approval of Minutes Minutes of 31 July 2025 plenary, prepared by Aaron Gable, were approved without objection. Minutes of 17 July 2025, prepared by Scott Rea, are still being finalized. Minutes of 10 April 2025, which were to be prepared by Trev, remain outstanding. Aaron Poulsen noted that he has the recording and can assist with preparing them. 4. Server Certificate Working Group update Dimitris Zacharopoulos reported that the WG had continued its work on ballots and discussions of DNSSEC requirements. He noted that Sectigo has published P-521 keys to its GitHub repository. 5. Code Signing Certificate Working Group update Martijn Katerbarg reported that the ballot to reduce the validity period now has two endorsers and is progressing. He also described plans for a presentation at the Warsaw face-to-face meeting by representatives of the Canadian police on malware and its impacts. A guest contributor accompanying them has requested anonymity in the public minutes. The group agreed that the individual’s name would be redacted. 6. S/MIME Certificate Working Group update Martijn, serving as vice chair, reported that SMC-013 (PQC for S/MIME) has been adopted and the IPR review period has closed. Work continues on a charter update and discussions relating to SMC-014 (DNSSEC for CA records) and the treatment of pseudonyms. 7. NetSec Working Group update Clint Wilson reported that the WG has begun considering possible policies concerning the use of artificial intelligence in WebPKI. The group also continues to explore issues related to the use of cloud services. 8. Definitions and Glossary Working Group Tim Callan explained that the WG has been slowed by limited resources, but Sectigo has now assigned a project manager to drive progress. A kickoff is scheduled, and activity is expected to increase. 9. Forum Infrastructure Subcommittee update Jos Purvis reported that all e-mail processing for cabforum.org has been migrated to Google Workspace, resolving prior issues caused by the split between systems. The old mail server will be retired after list archives are transferred. The Subcommittee is also clarifying the process for saving IPR policy agreements online, particularly from Interested Parties, to ensure consistent handling. 10. Intellectual Property Rights Subcommittee Ben Wilson reported that the Subcommittee had reviewed a request from Deutsche Telekom to exclude affiliates from coverage under the IPR Policy Agreement. This request was rejected as inconsistent with the IPR Policy Agreement signed by all other members. Deutsche Telekom has been informed. The Subcommittee is also finalizing proposed updates to the IPR Policy, which will soon be circulated for member review. The Subcommittee also discussed Contributor License Agreements (CLA) and possible GitHub configurations to ensure alignment with the IPR policy. The Forum Infrastructure Subcommittee would be asked to look into this. 11. Bylaws Changes No report was provided. 12. Any Other Business The Forum discussed whether Deutsche Telekom should continue to attend face-to-face meetings without signing the IPR Policy Agreement. It was agreed that they may attend the October 2025 meeting in Warsaw, but that their continued participation will need to be reconsidered if they remain unwilling to sign. Dean Coclin reminded members that registration for the Warsaw meeting is open, with capacity limited to 75 participants and a registration deadline of 15 September 2025. Dean also informed members of Buypass CA’s notice that it will cease issuing TLS certificates by October 2025, citing commercial reasons. Buypass will continue to provide revocation and status services for previously issued certificates until their expiration or revocation, no later than October 2026, and will remain a Forum member until that time. However, it was also mentioned that Buypass might still be intending to issue other types of publicly trusted certificates. Finally, members were reminded that the agenda for the Warsaw plenary includes a session for CA presentations. Interested CAs should notify the Chair of their proposed topics. 13. Next Call The next plenary teleconference will be held on 11 September 2025. 14. Adjourn The meeting was adjourned. Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adrian Mueller (SwissSign), Adriano Santoni (Actalis S.p.A.), Alvin Wang (SHECA), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Enrico Entschew (D-TRUST), Eric Kramer (Sectigo), Gregory Tomko (GlobalSign), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Jaime Hablutzel (OISTE Foundation), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Michael Slaughter (Amazon), Michelle Coon (OATI), Miguel Sanchez (Google), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Roman Fischer (SwissSign), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tobias Josefowitz (Opera Software AS), Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Wiktoria Więckowska (Asseco Data Systems SA (Certum)
August 28, 2025 by CA/B Forum Teleconference - 2025-08-281. Roll Call For attendance, see Item 15 below. 2. Review of Agenda The agenda was reviewed. One additional item was added under Any Other Business: the notice from Buypass CA regarding the cessation of TLS issuance. 3. Approval of Minutes Minutes of 31 July 2025 plenary, prepared by Aaron Gable, were approved without objection. Minutes of 17 July 2025, prepared by Scott Rea, are still being finalized. Minutes of 10 April 2025, which were to be prepared by Trev, remain outstanding. Aaron Poulsen noted that he has the recording and can assist with preparing them. 4. Server Certificate Working Group update Dimitris Zacharopoulos reported that the WG had continued its work on ballots and discussions of DNSSEC requirements. He noted that Sectigo has published P-521 keys to its GitHub repository. 5. Code Signing Certificate Working Group update Martijn Katerbarg reported that the ballot to reduce the validity period now has two endorsers and is progressing. He also described plans for a presentation at the Warsaw face-to-face meeting by representatives of the Canadian police on malware and its impacts. A guest contributor accompanying them has requested anonymity in the public minutes. The group agreed that the individual’s name would be redacted. 6. S/MIME Certificate Working Group update Martijn, serving as vice chair, reported that SMC-013 (PQC for S/MIME) has been adopted and the IPR review period has closed. Work continues on a charter update and discussions relating to SMC-014 (DNSSEC for CA records) and the treatment of pseudonyms. 7. NetSec Working Group update Clint Wilson reported that the WG has begun considering possible policies concerning the use of artificial intelligence in WebPKI. The group also continues to explore issues related to the use of cloud services. 8. Definitions and Glossary Working Group Tim Callan explained that the WG has been slowed by limited resources, but Sectigo has now assigned a project manager to drive progress. A kickoff is scheduled, and activity is expected to increase. 9. Forum Infrastructure Subcommittee update Jos Purvis reported that all e-mail processing for cabforum.org has been migrated to Google Workspace, resolving prior issues caused by the split between systems. The old mail server will be retired after list archives are transferred. The Subcommittee is also clarifying the process for saving IPR policy agreements online, particularly from Interested Parties, to ensure consistent handling. 10. Intellectual Property Rights Subcommittee Ben Wilson reported that the Subcommittee had reviewed a request from Deutsche Telekom to exclude affiliates from coverage under the IPR Policy Agreement. This request was rejected as inconsistent with the IPR Policy Agreement signed by all other members. Deutsche Telekom has been informed. The Subcommittee is also finalizing proposed updates to the IPR Policy, which will soon be circulated for member review. The Subcommittee also discussed Contributor License Agreements (CLA) and possible GitHub configurations to ensure alignment with the IPR policy. The Forum Infrastructure Subcommittee would be asked to look into this. 11. Bylaws Changes No report was provided. 12. Any Other Business The Forum discussed whether Deutsche Telekom should continue to attend face-to-face meetings without signing the IPR Policy Agreement. It was agreed that they may attend the October 2025 meeting in Warsaw, but that their continued participation will need to be reconsidered if they remain unwilling to sign. Dean Coclin reminded members that registration for the Warsaw meeting is open, with capacity limited to 75 participants and a registration deadline of 15 September 2025. Dean also informed members of Buypass CA’s notice that it will cease issuing TLS certificates by October 2025, citing commercial reasons. Buypass will continue to provide revocation and status services for previously issued certificates until their expiration or revocation, no later than October 2026, and will remain a Forum member until that time. However, it was also mentioned that Buypass might still be intending to issue other types of publicly trusted certificates. Finally, members were reminded that the agenda for the Warsaw plenary includes a session for CA presentations. Interested CAs should notify the Chair of their proposed topics. 13. Next Call The next plenary teleconference will be held on 11 September 2025. 14. Adjourn The meeting was adjourned. Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adrian Mueller (SwissSign), Adriano Santoni (Actalis S.p.A.), Alvin Wang (SHECA), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Enrico Entschew (D-TRUST), Eric Kramer (Sectigo), Gregory Tomko (GlobalSign), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Jaime Hablutzel (OISTE Foundation), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Michael Slaughter (Amazon), Michelle Coon (OATI), Miguel Sanchez (Google), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Roman Fischer (SwissSign), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tobias Josefowitz (Opera Software AS), Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Wiktoria Więckowska (Asseco Data Systems SA (Certum)
2025-07-17 Minutes of the Forum
July 17, 2025 by CA/B Forum Teleconference - 2025-07-17Meeting Title: CA/Browser Forum Date: 17 July 2025 Chair: Dean Coclin Minutes Taken By: Scott Rea 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin with support from Tim Callan; recording in process. 2. Note-well Note-well has already been read in previous session. 3. Review Agenda Agenda anticipated as posted. 4. Approval of Minutes None to approve on today’s call April 10th - still pending (Dean to re-send link to Aaron Poulsen) F2F minutes requires 1 more item from Martijn 5. Server Certificate Working Group update SCWG (Wayne) Wayne indicated earlier meeting was first in some time since F2F (2 meetings skipped). For the prior meeting SC085 (Require DNSSEC for CAA and DCV Lookups) passed so now IPR review period in progress. Validation Subcommittee (Wayne from Corey’s minutes) Last meeting had 2 major talking points discussed: SC088 persistent DCV ballot. Doug raised some questions which were worked through in the meeting. Henry provided some options and the approach was agreed as being solid. Validation Summit proposal. Send a survey for identifying which methods CAs are using – decided probably not going to do this, but rather use CCADB Report instead. Decided to focus on 2 aspects the validation methods: i) the security of the method; ii) the agility of the method. Chrome proposed new draft ballot to deprecate all methods that use email and phone as a methos of contacting applicants. So maybe there will be impact to Validation Summit based on the discussion. 6. Code Signing Certificate Working Group update Martijn not available so Dean called for any updates from those attending. Karina: Microsoft working on ballot for reduction of validity - looking for additional endorser. Also cleanup ballot for alignment with TLS BRs discussions are on-going. 7. S/MIME Certificate Working Group update (Stephen) SMC012 (automation of mailbox control using ACME) is out of IPR Review and now adopted as of 1 week ago. In voting period for SMC013 (PQC for SMIME) closes in a few days. On-going discuss around pseudonyms for personal certificates is progressing. There will be a Forum level ballot at the end of summer to update the Charter for the Group. 8. NetSec Working Group update (Clint) Main discussion topic was Cloud Services in the context of public CAs. Tobi put together a starter document to facilitate discussion. NS008 (Updates to CA Infrastructure Scope, Trusted Roles, Systems’ Applicability, and various other improvements) came out of IPR, and effective date is scheduled for later this year. Clint mentioned he is having some GitHub issues getting NS008 finalized. 9. Definitions and Glossary Working Group (Tim & Tim) Not a lot of feedback on Definitions thus far so next steps is take one more pass, produce document and then proceed with a ballot. The document is expected that it will be a policy document - it is not a requirements document. Wendy indicated she did not see the definitions circulated, so they will be re-posted to the list. 10. Forum Infrastructure Subcommittee update (Ben) Wayne had some comments around on-going saga to fix permissions on mailing list, and how to approach that. It is a WIP. 11. Intellectual Property Rights Subcommittee (Ben) Forum-036 Ballot - Adopt Invited Experts Policy has passed. Next meeting scheduled for next Tuesday to begin addressing remaining items. 12. Bylaws Changes (Ben) Ben planning to progress forum bylaws change ballot once summer is over e.g. September timeline. 13. Entrust Status in CABF (Bruce) Entrust does not, or soon will not issue TLS certificates anymore after key(s) transfer to Sectigo, however they are still doing some Code Sign certificates currently. The goal is that by 1st week of September, Sectigo will have control of all keys (including CS). So after that point, Entrust will not qualify under current membership category (Certificate Issuer), but may be looking to transition to Interested Party type member at that point. Bruce will provide update after actions are complete. Tim H indicated that the qualifying event is not necessary the key transfer but rather “trusted by Root Programs” criteria. Tim C indicated that Entrust is still a trusted CA for CS purposes, so in this instance it’s a voluntary withdrawal when it happens. Wayne lead the appreciation for all the effort contributions Bruce & Co have made to the CABF. 14. Any Other Business Registration for Warsaw is open – please indicate attendance for planning purposes. Note that Trusted Economy Forum is also being held adjacent to this meeting. List of future F2F meetings schedule was reviewed: 2025 1. Oct 15-17: Warsaw, Poland (Certum) – REGISTRATION OPEN 2026 2. Houston, TX, US Spring 2026 SSL.com New York, NY,US Summer 2026 Google Trust Services Thessaloniki, GR Fall 2026 HARICA 2027 5. Scottsdale, AZ Spring 2027 Sectigo Switzerland June 2027 SwissSign Austin, TX, USA Fall 2027 IdenTrust 2028 8. Shanghai, China Spring 2028 TrustAsia (tentative) 15. Adjourn Next call: July 31, 2025
July 17, 2025 by CA/B Forum Teleconference - 2025-07-17Meeting Title: CA/Browser Forum Date: 17 July 2025 Chair: Dean Coclin Minutes Taken By: Scott Rea 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin with support from Tim Callan; recording in process. 2. Note-well Note-well has already been read in previous session. 3. Review Agenda Agenda anticipated as posted. 4. Approval of Minutes None to approve on today’s call April 10th - still pending (Dean to re-send link to Aaron Poulsen) F2F minutes requires 1 more item from Martijn 5. Server Certificate Working Group update SCWG (Wayne) Wayne indicated earlier meeting was first in some time since F2F (2 meetings skipped). For the prior meeting SC085 (Require DNSSEC for CAA and DCV Lookups) passed so now IPR review period in progress. Validation Subcommittee (Wayne from Corey’s minutes) Last meeting had 2 major talking points discussed: SC088 persistent DCV ballot. Doug raised some questions which were worked through in the meeting. Henry provided some options and the approach was agreed as being solid. Validation Summit proposal. Send a survey for identifying which methods CAs are using – decided probably not going to do this, but rather use CCADB Report instead. Decided to focus on 2 aspects the validation methods: i) the security of the method; ii) the agility of the method. Chrome proposed new draft ballot to deprecate all methods that use email and phone as a methos of contacting applicants. So maybe there will be impact to Validation Summit based on the discussion. 6. Code Signing Certificate Working Group update Martijn not available so Dean called for any updates from those attending. Karina: Microsoft working on ballot for reduction of validity - looking for additional endorser. Also cleanup ballot for alignment with TLS BRs discussions are on-going. 7. S/MIME Certificate Working Group update (Stephen) SMC012 (automation of mailbox control using ACME) is out of IPR Review and now adopted as of 1 week ago. In voting period for SMC013 (PQC for SMIME) closes in a few days. On-going discuss around pseudonyms for personal certificates is progressing. There will be a Forum level ballot at the end of summer to update the Charter for the Group. 8. NetSec Working Group update (Clint) Main discussion topic was Cloud Services in the context of public CAs. Tobi put together a starter document to facilitate discussion. NS008 (Updates to CA Infrastructure Scope, Trusted Roles, Systems’ Applicability, and various other improvements) came out of IPR, and effective date is scheduled for later this year. Clint mentioned he is having some GitHub issues getting NS008 finalized. 9. Definitions and Glossary Working Group (Tim & Tim) Not a lot of feedback on Definitions thus far so next steps is take one more pass, produce document and then proceed with a ballot. The document is expected that it will be a policy document - it is not a requirements document. Wendy indicated she did not see the definitions circulated, so they will be re-posted to the list. 10. Forum Infrastructure Subcommittee update (Ben) Wayne had some comments around on-going saga to fix permissions on mailing list, and how to approach that. It is a WIP. 11. Intellectual Property Rights Subcommittee (Ben) Forum-036 Ballot - Adopt Invited Experts Policy has passed. Next meeting scheduled for next Tuesday to begin addressing remaining items. 12. Bylaws Changes (Ben) Ben planning to progress forum bylaws change ballot once summer is over e.g. September timeline. 13. Entrust Status in CABF (Bruce) Entrust does not, or soon will not issue TLS certificates anymore after key(s) transfer to Sectigo, however they are still doing some Code Sign certificates currently. The goal is that by 1st week of September, Sectigo will have control of all keys (including CS). So after that point, Entrust will not qualify under current membership category (Certificate Issuer), but may be looking to transition to Interested Party type member at that point. Bruce will provide update after actions are complete. Tim H indicated that the qualifying event is not necessary the key transfer but rather “trusted by Root Programs” criteria. Tim C indicated that Entrust is still a trusted CA for CS purposes, so in this instance it’s a voluntary withdrawal when it happens. Wayne lead the appreciation for all the effort contributions Bruce & Co have made to the CABF. 14. Any Other Business Registration for Warsaw is open – please indicate attendance for planning purposes. Note that Trusted Economy Forum is also being held adjacent to this meeting. List of future F2F meetings schedule was reviewed: 2025 1. Oct 15-17: Warsaw, Poland (Certum) – REGISTRATION OPEN 2026 2. Houston, TX, US Spring 2026 SSL.com New York, NY,US Summer 2026 Google Trust Services Thessaloniki, GR Fall 2026 HARICA 2027 5. Scottsdale, AZ Spring 2027 Sectigo Switzerland June 2027 SwissSign Austin, TX, USA Fall 2027 IdenTrust 2028 8. Shanghai, China Spring 2028 TrustAsia (tentative) 15. Adjourn Next call: July 31, 2025
Ballot FORUM-036 – Adopt Invited Experts Policy
July 9, 2025 by Ben WilsonBallot FORUM-036 – Adopt Invited Experts Policy The voting period for Forum-036 Adopt Invited Experts Policy has completed. The ballot has: PASSED
July 9, 2025 by Ben WilsonBallot FORUM-036 – Adopt Invited Experts Policy The voting period for Forum-036 Adopt Invited Experts Policy has completed. The ballot has: PASSED
2025-06-10 Minutes of the Forum Toronto F2F
June 10, 2025 by CA/B Forum Teleconference - 2025-06-10Meeting Title: CA/Browser Forum Toronto F2F Date: 10 June 2025 Chair: Dean Coclin Guest speaker: Chrome’s views on PQCPresenter: David Adrian Presentation Link: https://cabforum.org/2025/06/10/2025-06-10-minutes-of-the-forum-toronto-f2f/Chrome_PQC_CABF_F2F_Toronto_2025_EXTERNAL.pdf Guest speaker: The Future of ZLintPresenter: Zakir Durumeric Presentation Link: https://cabforum.org/2025/06/10/2025-06-10-minutes-of-the-forum-toronto-f2f/The_Future_of_ZLint_CABF_F2F_Toronto_2025.pdf Remedies for CPS ErrorsPresenter: Tim Callan Minute taker: Ben Wilson See SCWG minutes Panel Q&APresenter: Ben Wilson Minute taker: Dimitris No additional discussion. Mozilla Root Program UpdatePresenter: Ben Wilson Presentation Link: https://cabforum.org/2025/06/10/2025-06-10-minutes-of-the-forum-toronto-f2f/June-2025-Mozilla-News.pdf Minute taker: Scott Rea Ben’s curated notes (presented in the meeting) can be found at: https://drive.google.com/file/d/1zv6XlzitsQdaBp6gf_u3ND7Fzum1pPLY/view
June 10, 2025 by CA/B Forum Teleconference - 2025-06-10Meeting Title: CA/Browser Forum Toronto F2F Date: 10 June 2025 Chair: Dean Coclin Guest speaker: Chrome’s views on PQCPresenter: David Adrian Presentation Link: https://cabforum.org/2025/06/10/2025-06-10-minutes-of-the-forum-toronto-f2f/Chrome_PQC_CABF_F2F_Toronto_2025_EXTERNAL.pdf Guest speaker: The Future of ZLintPresenter: Zakir Durumeric Presentation Link: https://cabforum.org/2025/06/10/2025-06-10-minutes-of-the-forum-toronto-f2f/The_Future_of_ZLint_CABF_F2F_Toronto_2025.pdf Remedies for CPS ErrorsPresenter: Tim Callan Minute taker: Ben Wilson See SCWG minutes Panel Q&APresenter: Ben Wilson Minute taker: Dimitris No additional discussion. Mozilla Root Program UpdatePresenter: Ben Wilson Presentation Link: https://cabforum.org/2025/06/10/2025-06-10-minutes-of-the-forum-toronto-f2f/June-2025-Mozilla-News.pdf Minute taker: Scott Rea Ben’s curated notes (presented in the meeting) can be found at: https://drive.google.com/file/d/1zv6XlzitsQdaBp6gf_u3ND7Fzum1pPLY/view
2025-05-22 Minutes of the Forum
May 22, 2025 by CA/B Forum Teleconference - 2025-05-22Meeting Title: CA/Browser Forum Date: 22 May 2025 Chair: Dean Coclin 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin; recording in process. 2. Note-well Note-well has already been read. 3. Review Agenda No changes to the agenda. 4. Approval of Minutes April 10th - still pending May 8th - minutes approved. 5. Server Certificate Working Group update (Dimitris) SCWG Wayne said SC81 passed IPR review period, and new version after fixing some issues is available. Validation Subcommittee They spent the majority of time to discuss SC085 and SC082, and make significant progress including triage of a bunch of bugs in GitHub, including assigning things out to a few people. 6. Code Signing Certificate Working Group update (Martijn) CSC030 should be hitting discussion period shortly, and not further updates yet on reducing the validity period. Karina will take over the role of representative from Microsoft, and the ballot for reduction of validity period will start running by Microsoft. PQC ballot is pending, and looking for additional endorser. 7. S/MIME Certificate Working Group update (Stephen) Discussed on PQC to found out what else is need for ballot. Also discussed on MPIC and validation control over mailbox. SMC012 is in the discussion period. Kicked off for updating Section 7 and looking for volunteers. 8. NetSec Working Group update (Ben) Went through the issues on GitHub and closed 4~5 of them because they had already been resolved. Reviewed agenda for F2F meeting. 9. Definitions and Glossary Working Group (Tim Callan) Compared definitions from various documents to identify inconsistencies. Most definitions were identical or had trivial differences like capitalization. Developed proposals to resolve discrepancies and aim to gather feedback from a group of participants. The next steps involve incorporating feedback into a document and proceeding with a ballot. 10. Forum Infrastructure Subcommittee update (Ben) No meeting last week. 11. Intellectual Property Rights Subcommittee (Ben) Working on revising IPR policy. An email was sent on May 19th to a public list requesting feedback on the invited experts policy and agreement by the deadline of May 27th, acknowledging the upcoming holiday. Ben encouraged feedback by Tuesday and seeks two endorsers for a forum ballot. 12. Bylaws Changes (Ben) Aaron said a forum bylaws change ballot was sent to an old mailing list instead of current one, preventing recipients from receiving them. Aaron restarted the discussion period and encouraged participants to review the email and ballot, and to provide any comments or suggestions. 13. F2F meeting Agenda Tim highlighted recent incidents related to CPS errors causing mass revocation events, and proposed discussing potential solutions to improve transparency and accountability without such events. Dean encouraged participants to send topics after the call, if needed. Rebecca inquired about deadlines for agenda topics and Dean confirmed it would be finalized a week before the meeting.
May 22, 2025 by CA/B Forum Teleconference - 2025-05-22Meeting Title: CA/Browser Forum Date: 22 May 2025 Chair: Dean Coclin 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin; recording in process. 2. Note-well Note-well has already been read. 3. Review Agenda No changes to the agenda. 4. Approval of Minutes April 10th - still pending May 8th - minutes approved. 5. Server Certificate Working Group update (Dimitris) SCWG Wayne said SC81 passed IPR review period, and new version after fixing some issues is available. Validation Subcommittee They spent the majority of time to discuss SC085 and SC082, and make significant progress including triage of a bunch of bugs in GitHub, including assigning things out to a few people. 6. Code Signing Certificate Working Group update (Martijn) CSC030 should be hitting discussion period shortly, and not further updates yet on reducing the validity period. Karina will take over the role of representative from Microsoft, and the ballot for reduction of validity period will start running by Microsoft. PQC ballot is pending, and looking for additional endorser. 7. S/MIME Certificate Working Group update (Stephen) Discussed on PQC to found out what else is need for ballot. Also discussed on MPIC and validation control over mailbox. SMC012 is in the discussion period. Kicked off for updating Section 7 and looking for volunteers. 8. NetSec Working Group update (Ben) Went through the issues on GitHub and closed 4~5 of them because they had already been resolved. Reviewed agenda for F2F meeting. 9. Definitions and Glossary Working Group (Tim Callan) Compared definitions from various documents to identify inconsistencies. Most definitions were identical or had trivial differences like capitalization. Developed proposals to resolve discrepancies and aim to gather feedback from a group of participants. The next steps involve incorporating feedback into a document and proceeding with a ballot. 10. Forum Infrastructure Subcommittee update (Ben) No meeting last week. 11. Intellectual Property Rights Subcommittee (Ben) Working on revising IPR policy. An email was sent on May 19th to a public list requesting feedback on the invited experts policy and agreement by the deadline of May 27th, acknowledging the upcoming holiday. Ben encouraged feedback by Tuesday and seeks two endorsers for a forum ballot. 12. Bylaws Changes (Ben) Aaron said a forum bylaws change ballot was sent to an old mailing list instead of current one, preventing recipients from receiving them. Aaron restarted the discussion period and encouraged participants to review the email and ballot, and to provide any comments or suggestions. 13. F2F meeting Agenda Tim highlighted recent incidents related to CPS errors causing mass revocation events, and proposed discussing potential solutions to improve transparency and accountability without such events. Dean encouraged participants to send topics after the call, if needed. Rebecca inquired about deadlines for agenda topics and Dean confirmed it would be finalized a week before the meeting.
2025-05-08 Minutes of the Forum
May 8, 2025 by CA/B Forum and Server Certificate WG Teleconference - 2025-05-08Meeting Title: CA/Browser Forum Date: 8 May 2025 Chair: Dean Coclin Minutes Taken By: Wayne Thayer 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin; recording in process. 2. Note-well Note-well has already been read. 3. Review Agenda No changes to the agenda. 4. Approval of Minutes April 10th (Trev) - these are still pending. April 24th (Thomas) - have been posted to the management list; minutes approved. F2F#64 - minutes approved. 5. Server Certificate Working Group update (Dimitris) SCWG Discussed recent comments on SC081; no action needed. Discussion on ability to lock comments on PRs and request to Infrastructure SC to standardize. Ballots were discussed. Validation Subcommittee Corey reported focus on SC085 (DNSSEC ballot) and technical details/effective dates. Also discussed SC082 redux and new validation method by Michael Slaughter. Ongoing PR discussion on GitHub. 6. Code Signing Certificate Working Group update (Martijn) No call was held; no updates. 7. S/MIME Certificate Working Group update (Stephen) Discussed ACME for S/MIME ballot. Discussed tagging of pseudonyms in common names to prevent confusion. Broader discussion on adopting the detailed Section 7 structure of the TLS BRs. SMC011 exits IPR on May 14. 8. NetSec Working Group update (Clint) Discussion of NS008 and section 2.2.6 remote connections language. Potential confusion with “access to CA infrastructure” for customer portals. Proposed new term: “privileged access” to clarify. Ballot updated to version 3 and discussion period restarted. Aiming to move to voting on May 14th. 9. Definitions and Glossary Working Group (Tim C.) No update. 10. Forum Infrastructure Subcommittee update (Jos) Reviewed GitHub ‘restrict comments’ setting—agreed to use and document in CLA/readme. Ben’s meeting minutes template added to wiki; plan to test with AI transcription. Suggestion: chairs should clearly call out agenda sections for AI alignment. Concern raised by Wayne: restricting comments may drive demand for write access. Jos: propose self-service update via membership-tools record. 11. Intellectual Property Rights Subcommittee (Ben) Next meeting scheduled for May 15* 12. Bylaws Changes (Ben - Dimitris) No recent progress. Rebecca Kelley to collaborate with Ben. 13. Any Other Business Toronto Face-to-Face meeting approaching. In-person attendance deadline has passed. Reminder to book hotels. Aaron drafted a bylaws update ballot to allow WG chairs to convert relative effective dates to concrete dates post-ballot. Planning to begin discussion period. 14. Next Call May 22, 2025 15. Adjourn Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (Aprio), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Ryan Dickson (Google), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
May 8, 2025 by CA/B Forum and Server Certificate WG Teleconference - 2025-05-08Meeting Title: CA/Browser Forum Date: 8 May 2025 Chair: Dean Coclin Minutes Taken By: Wayne Thayer 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin; recording in process. 2. Note-well Note-well has already been read. 3. Review Agenda No changes to the agenda. 4. Approval of Minutes April 10th (Trev) - these are still pending. April 24th (Thomas) - have been posted to the management list; minutes approved. F2F#64 - minutes approved. 5. Server Certificate Working Group update (Dimitris) SCWG Discussed recent comments on SC081; no action needed. Discussion on ability to lock comments on PRs and request to Infrastructure SC to standardize. Ballots were discussed. Validation Subcommittee Corey reported focus on SC085 (DNSSEC ballot) and technical details/effective dates. Also discussed SC082 redux and new validation method by Michael Slaughter. Ongoing PR discussion on GitHub. 6. Code Signing Certificate Working Group update (Martijn) No call was held; no updates. 7. S/MIME Certificate Working Group update (Stephen) Discussed ACME for S/MIME ballot. Discussed tagging of pseudonyms in common names to prevent confusion. Broader discussion on adopting the detailed Section 7 structure of the TLS BRs. SMC011 exits IPR on May 14. 8. NetSec Working Group update (Clint) Discussion of NS008 and section 2.2.6 remote connections language. Potential confusion with “access to CA infrastructure” for customer portals. Proposed new term: “privileged access” to clarify. Ballot updated to version 3 and discussion period restarted. Aiming to move to voting on May 14th. 9. Definitions and Glossary Working Group (Tim C.) No update. 10. Forum Infrastructure Subcommittee update (Jos) Reviewed GitHub ‘restrict comments’ setting—agreed to use and document in CLA/readme. Ben’s meeting minutes template added to wiki; plan to test with AI transcription. Suggestion: chairs should clearly call out agenda sections for AI alignment. Concern raised by Wayne: restricting comments may drive demand for write access. Jos: propose self-service update via membership-tools record. 11. Intellectual Property Rights Subcommittee (Ben) Next meeting scheduled for May 15* 12. Bylaws Changes (Ben - Dimitris) No recent progress. Rebecca Kelley to collaborate with Ben. 13. Any Other Business Toronto Face-to-Face meeting approaching. In-person attendance deadline has passed. Reminder to book hotels. Aaron drafted a bylaws update ballot to allow WG chairs to convert relative effective dates to concrete dates post-ballot. Planning to begin discussion period. 14. Next Call May 22, 2025 15. Adjourn Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (Aprio), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Ryan Dickson (Google), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
2025-04-24 Minutes of the Forum
April 24, 2025 by Roll Call and Housekeeping Meeting called to order by Dean; recording in process Roll taken by recording Note-well Note-well has already been read Review Agenda Begin Recording - Roll Call Read note-well Review of Agenda Approval of minutes: April 10th and F2F. Server Certificate Working Group update (Dimitris) Code Signing Certificate Working Group update (Martijn) S/MIME Certificate Working Group update (Stephen) NetSec Working Group update (Clint) Definitions and Glossary Working Group (Tim H.) Forum Infrastructure Subcommittee update (Jos) Intellectual Property Rights Subcommittee (Ben) Bylaws changes (Ben - Dimitris) Any Other Business Next call: May 8, 2025 Adjourn Approval of Minutes No minutes for 2024-04-10 Minutes from the F2F: Ryan asked for more time to review - deferred to next meeting. Draft minutes and presentations from F2F are available on Wiki Server Certificate Working Group update (Dimitris) SCWG
April 24, 2025 by Roll Call and Housekeeping Meeting called to order by Dean; recording in process Roll taken by recording Note-well Note-well has already been read Review Agenda Begin Recording - Roll Call Read note-well Review of Agenda Approval of minutes: April 10th and F2F. Server Certificate Working Group update (Dimitris) Code Signing Certificate Working Group update (Martijn) S/MIME Certificate Working Group update (Stephen) NetSec Working Group update (Clint) Definitions and Glossary Working Group (Tim H.) Forum Infrastructure Subcommittee update (Jos) Intellectual Property Rights Subcommittee (Ben) Bylaws changes (Ben - Dimitris) Any Other Business Next call: May 8, 2025 Adjourn Approval of Minutes No minutes for 2024-04-10 Minutes from the F2F: Ryan asked for more time to review - deferred to next meeting. Draft minutes and presentations from F2F are available on Wiki Server Certificate Working Group update (Dimitris) SCWG
Minutes of the F2F 64 Meeting in Tokyo, Japan - Forum-level, March 25-26, 2025
March 27, 2025 by Dean CoclinDay 1 Tuesday, March 25, 2025CA/Browser Forum level Meeting Attendees (Aggregated participants physically present and remote from days 1 and 2)
March 27, 2025 by Dean CoclinDay 1 Tuesday, March 25, 2025CA/Browser Forum level Meeting Attendees (Aggregated participants physically present and remote from days 1 and 2)
2025-03-13 Minutes of the CA/Browser Forum Teleconference
March 13, 2025 by Corey BonnellFinal minutes of the CA/B Forum call held on March 13, 2025.
March 13, 2025 by Corey BonnellFinal minutes of the CA/B Forum call held on March 13, 2025.
2025-02-27 Minutes of the CA/Browser Forum Teleconference
February 27, 2025 by Corey BonnellFinal minutes of the CA/B Forum call held on February 27, 2025.
February 27, 2025 by Corey BonnellFinal minutes of the CA/B Forum call held on February 27, 2025.