CA/Browser Forum posts
Posts by tag Minutes
2026-02-12 Minutes of the Server Certificate Working Group
February 12, 2026 by Wayne ThayerMinutes: Notes by: Janet Hines (VikingCloud) Begin Recording - Roll Call Read note-well Note-well was read by Dimitris
February 12, 2026 by Wayne ThayerMinutes: Notes by: Janet Hines (VikingCloud) Begin Recording - Roll Call Read note-well Note-well was read by Dimitris
2026-01-29 Minutes of the Server Certificate Working Group
January 29, 2026 by Wayne ThayerMinutes: Minutes by Jos Purvis (Fastly) I. Meeting Logistics Dimitris read the note-well. No changes were requested for the agenda. The minutes from the 15 January meeting were approved without changes. II. Membership Applications The membership application of Santosh Pandit as an individual interested party was reviewed and approved without objection. III. Ballots The cleanup ballot currently in its discussion period was reviewed. Kateryna Aleksieieva (Certum) indicated there were no updates on the ballot status, but they hoped to have it completed in January. There are 3 ballots currently in IPR: SC 94, 96, and 97. Ballots 94 and 96 will end their IPR periods on the same day; Dimitris asked the group for guidance on how to treat the release of red-lines and final guidelines for each ballot — whether to release separate versions of the BRs or a single version comparing the two. Corey Bonnell (Digicert) pointed out that this happened a few years ago in the Code-Signing working group and they elected to release each ballot separately, meaning the first ballot had an effective period of about fifteen minutes before the second ballot also took effect. Dimitris pointed out that the table for effective dates doesn’t include timestamps, just dates, so he was thinking of applying a similar approach but separated by a day. The group indicated that would be fine but there was no particular concern with doing separate releases but having both ballots’ effective dates be the same day. Dimitris listed 5 ballots currently under consideration. Corey indicated he had made some changes around dates in SC87 (registration number improvement for EV certificates), updated the PR, and verified the new copy with the current endorsers. Once the endorsers have indicated consent to the changes, he’ll be proceeding with moving this into discussion and formal balloting in the next few weeks. Aaron Gable (ISRG) offered an update on the ballot for cleanups to ADNC names. The significant topic the Validation Subcommittee discussed was the difference between re-using a validation for the applied-for FQDN (which is what the BRs discuss today) versus re-using a validation for the actually-validated ADN (which is what the new version of the BRs included). Aaron and Jacob are preparing an email to update the community on the changes and updates the ballot proposes and hopes to have that out prior to the next Validation Subcommittee meeting. Martijn Katerbarg (Sectigo) is leading the ballot improving CPRs and clarifying revocation: there were no updates on that ballot’s progress. Clint Wilson (Apple) is leading the ballot now numbered SC93. Clint said there’s an excellent comment on the ballot pull request from GTS outlining their thoughts and concerns around the ballot. Clint asked the community for further discussion on whether the ballot offered sufficient value in comparison to cost to advance or should be approached via a different route. Finally, Dimitris reviewed the ballot for an updated timeline for errors affecting CP/CPS deviations. He indicated he had reached out to a few members to get feedback and discussion around the ballot but had not received much back, and would likely add this to discussion at the upcoming face-to-face meeting. IV. Discussion Items — Current Business Ballot Number Allocations Dimitris articulated the concerns around ballot numbering, which currently follows an informal process to allocate ballot numbers. At the moment, the process indicates a ballot number should be assigned once a ballot has achieved some consensus and attached two endorsers; he noted, however, that it’s much easier to have discussions around proposed ballots with a number attached to them for clarity of reference. He also indicated concerns with the currently pending ballot SC93, which has adopted that number from this process, but then leaves a gap in ballot numbers that might need to be accounted for in some way. Aaron concurred that it was easier to refer to a ballot if there were a number assigned; Jos pointed out that in the past this had resulted in numbering gaps that then generated questions later about what happened to those numbers that were skipped. Jos proposed a different solution in which we used SC- in order to create a convenient “handle” for the ballot that didn’t interfere with numbering. Ben Wilson (Mozilla) felt we should keep the current system as it is, and said if a ballot were abandoned once it reached the discussion stage it was relatively easy to note that in the historical record; he also pointed out that a ballot doesn’t need to be in its final form for someone to endorse it. Aaron suggested using the pull-request number for naming draft ballots. Tim Callan (Sectigo) pointed out that if we took the approach of encouraging “early endorsers” we might see people voting no on a ballot they endorsed initially because of the changes since they endorsed it; the group felt it was important in that case to emphasize there was no stigma attached to withdrawing endorsement of a ballot or voting no on a ballot previously endorsed. Dimitris summarized the discussion and encouraged further discussion around this on future calls. The next topic was volunteers around minute-taking. Dimitris explained the rotation system currently in use for minute-takers, and asked that people reach out to him to be added to or removed from the list of minute-takers. V. New Business There were no new-business items from the group. Dimitris adjourned the meeting, noting the next meeting would be 12 February.
January 29, 2026 by Wayne ThayerMinutes: Minutes by Jos Purvis (Fastly) I. Meeting Logistics Dimitris read the note-well. No changes were requested for the agenda. The minutes from the 15 January meeting were approved without changes. II. Membership Applications The membership application of Santosh Pandit as an individual interested party was reviewed and approved without objection. III. Ballots The cleanup ballot currently in its discussion period was reviewed. Kateryna Aleksieieva (Certum) indicated there were no updates on the ballot status, but they hoped to have it completed in January. There are 3 ballots currently in IPR: SC 94, 96, and 97. Ballots 94 and 96 will end their IPR periods on the same day; Dimitris asked the group for guidance on how to treat the release of red-lines and final guidelines for each ballot — whether to release separate versions of the BRs or a single version comparing the two. Corey Bonnell (Digicert) pointed out that this happened a few years ago in the Code-Signing working group and they elected to release each ballot separately, meaning the first ballot had an effective period of about fifteen minutes before the second ballot also took effect. Dimitris pointed out that the table for effective dates doesn’t include timestamps, just dates, so he was thinking of applying a similar approach but separated by a day. The group indicated that would be fine but there was no particular concern with doing separate releases but having both ballots’ effective dates be the same day. Dimitris listed 5 ballots currently under consideration. Corey indicated he had made some changes around dates in SC87 (registration number improvement for EV certificates), updated the PR, and verified the new copy with the current endorsers. Once the endorsers have indicated consent to the changes, he’ll be proceeding with moving this into discussion and formal balloting in the next few weeks. Aaron Gable (ISRG) offered an update on the ballot for cleanups to ADNC names. The significant topic the Validation Subcommittee discussed was the difference between re-using a validation for the applied-for FQDN (which is what the BRs discuss today) versus re-using a validation for the actually-validated ADN (which is what the new version of the BRs included). Aaron and Jacob are preparing an email to update the community on the changes and updates the ballot proposes and hopes to have that out prior to the next Validation Subcommittee meeting. Martijn Katerbarg (Sectigo) is leading the ballot improving CPRs and clarifying revocation: there were no updates on that ballot’s progress. Clint Wilson (Apple) is leading the ballot now numbered SC93. Clint said there’s an excellent comment on the ballot pull request from GTS outlining their thoughts and concerns around the ballot. Clint asked the community for further discussion on whether the ballot offered sufficient value in comparison to cost to advance or should be approached via a different route. Finally, Dimitris reviewed the ballot for an updated timeline for errors affecting CP/CPS deviations. He indicated he had reached out to a few members to get feedback and discussion around the ballot but had not received much back, and would likely add this to discussion at the upcoming face-to-face meeting. IV. Discussion Items — Current Business Ballot Number Allocations Dimitris articulated the concerns around ballot numbering, which currently follows an informal process to allocate ballot numbers. At the moment, the process indicates a ballot number should be assigned once a ballot has achieved some consensus and attached two endorsers; he noted, however, that it’s much easier to have discussions around proposed ballots with a number attached to them for clarity of reference. He also indicated concerns with the currently pending ballot SC93, which has adopted that number from this process, but then leaves a gap in ballot numbers that might need to be accounted for in some way. Aaron concurred that it was easier to refer to a ballot if there were a number assigned; Jos pointed out that in the past this had resulted in numbering gaps that then generated questions later about what happened to those numbers that were skipped. Jos proposed a different solution in which we used SC- in order to create a convenient “handle” for the ballot that didn’t interfere with numbering. Ben Wilson (Mozilla) felt we should keep the current system as it is, and said if a ballot were abandoned once it reached the discussion stage it was relatively easy to note that in the historical record; he also pointed out that a ballot doesn’t need to be in its final form for someone to endorse it. Aaron suggested using the pull-request number for naming draft ballots. Tim Callan (Sectigo) pointed out that if we took the approach of encouraging “early endorsers” we might see people voting no on a ballot they endorsed initially because of the changes since they endorsed it; the group felt it was important in that case to emphasize there was no stigma attached to withdrawing endorsement of a ballot or voting no on a ballot previously endorsed. Dimitris summarized the discussion and encouraged further discussion around this on future calls. The next topic was volunteers around minute-taking. Dimitris explained the rotation system currently in use for minute-takers, and asked that people reach out to him to be added to or removed from the list of minute-takers. V. New Business There were no new-business items from the group. Dimitris adjourned the meeting, noting the next meeting would be 12 February.
2026-01-15 Minutes of the Forum
January 15, 2026 by Martijn KaterbargMinutes: Begin Recording - Roll Call Read note-well Note read by Dimitris in the SCWG call
January 15, 2026 by Martijn KaterbargMinutes: Begin Recording - Roll Call Read note-well Note read by Dimitris in the SCWG call
2026-01-15 Minutes of the Server Certificate Working Group
January 15, 2026 by Wayne ThayerMinutes: Begin Recording - Roll Call Recording started
January 15, 2026 by Wayne ThayerMinutes: Begin Recording - Roll Call Recording started
2025-12-18 Minutes of the Forum
December 18, 2025 by Final Minutes for CA/B Forum Plenary Meeting 2025-12-18Minutes: Opening: Dean Coclin (DigiCert) confirmed the recording was on and the Notewell was read. Attendance was taken. Minutes from December 4th were not yet released and would be addressed with Eva. Working Group Updates: Server Certificate Working Group: Dimitris Zacharopoulos (HARICA) provided an update: The WG reviewed open issues on GitHub, with many being incorporated into the cleanup ballot. Discussions led to progress and consensus on a path forward for several issues. Wayne Thayer (Fastly) provided an update on the previous Validation Subcommittee meeting. They continued discussion on Jacob Hoffman Andrew’s pull request to update the definition of ADN, which involves substantial changes to section 3.2.2.4 and is moving in the right direction. In that call, Clint also proposed a ballot regarding the use of RDAP in the EV Guidelines, as the guidelines only specified WHOIS. The conclusion was that since the definition of WHOIS includes the RDAP protocol in the Baseline Requirements, only a clarification was needed, and this would be added to the cleanup ballot. Code Signing Certificate Working Group: Martijn Katerbarg (Sectigo) reported a short call last week with limited participants, so there was no significant update. He hoped for more traction next year. S/MIME Certificate Working Group: Martijn Katerbarg (Sectigo) reported on the previous month’s call where the main topic was client authentication for SMTP servers. It was unclear if there was an impact on the ecosystem or if it slightly overlapped with the Server Certificate WG. No real details were decided on the direction for this topic. NetSec Working Group: No update. Definitions and Glossary Working Group: No update. Forum Infrastructure Subcommittee: Ben Wilson (Mozilla) stated that there had not been a call recently, so there was no update. Any Other Business: Dean Coclin (DigiCert) mentioned he received feedback on his proposal for a Member Emeritus category. He acknowledged the concerns and will come up with an alternative, providing an update after the new year. January 1st Meeting Cancellation: Dean Coclin (DigiCert) explained that he had attempted to cancel the 2026-01-01 meeting in the Webex account, but it had disappeared from the Webex portal, though it might still show on attendees’ calendars. He asked anyone with the invite on their calendar for 2026-01-01 to please delete it, as the meeting is not happening. Dimitris Zacharopoulos (HARICA) suggested adjusting recurring meeting dates, and Ben Wilson (Mozilla) speculated it might have been created before the CA/B Forum Webex account. Dean Coclin (DigiCert) also provided an update on the F2F Meeting in Houston, TX, from 2026-03-10 to 2026-03-12. Arrangements are progressing, and he encouraged attendees to register. Next Call & Adjournment: The next call will be on 2026-01-15. Dean Coclin (DigiCert) wished everyone a Happy New Year, Merry Christmas, and happy holidays, then adjourned the meeting. Attendees:
December 18, 2025 by Final Minutes for CA/B Forum Plenary Meeting 2025-12-18Minutes: Opening: Dean Coclin (DigiCert) confirmed the recording was on and the Notewell was read. Attendance was taken. Minutes from December 4th were not yet released and would be addressed with Eva. Working Group Updates: Server Certificate Working Group: Dimitris Zacharopoulos (HARICA) provided an update: The WG reviewed open issues on GitHub, with many being incorporated into the cleanup ballot. Discussions led to progress and consensus on a path forward for several issues. Wayne Thayer (Fastly) provided an update on the previous Validation Subcommittee meeting. They continued discussion on Jacob Hoffman Andrew’s pull request to update the definition of ADN, which involves substantial changes to section 3.2.2.4 and is moving in the right direction. In that call, Clint also proposed a ballot regarding the use of RDAP in the EV Guidelines, as the guidelines only specified WHOIS. The conclusion was that since the definition of WHOIS includes the RDAP protocol in the Baseline Requirements, only a clarification was needed, and this would be added to the cleanup ballot. Code Signing Certificate Working Group: Martijn Katerbarg (Sectigo) reported a short call last week with limited participants, so there was no significant update. He hoped for more traction next year. S/MIME Certificate Working Group: Martijn Katerbarg (Sectigo) reported on the previous month’s call where the main topic was client authentication for SMTP servers. It was unclear if there was an impact on the ecosystem or if it slightly overlapped with the Server Certificate WG. No real details were decided on the direction for this topic. NetSec Working Group: No update. Definitions and Glossary Working Group: No update. Forum Infrastructure Subcommittee: Ben Wilson (Mozilla) stated that there had not been a call recently, so there was no update. Any Other Business: Dean Coclin (DigiCert) mentioned he received feedback on his proposal for a Member Emeritus category. He acknowledged the concerns and will come up with an alternative, providing an update after the new year. January 1st Meeting Cancellation: Dean Coclin (DigiCert) explained that he had attempted to cancel the 2026-01-01 meeting in the Webex account, but it had disappeared from the Webex portal, though it might still show on attendees’ calendars. He asked anyone with the invite on their calendar for 2026-01-01 to please delete it, as the meeting is not happening. Dimitris Zacharopoulos (HARICA) suggested adjusting recurring meeting dates, and Ben Wilson (Mozilla) speculated it might have been created before the CA/B Forum Webex account. Dean Coclin (DigiCert) also provided an update on the F2F Meeting in Houston, TX, from 2026-03-10 to 2026-03-12. Arrangements are progressing, and he encouraged attendees to register. Next Call & Adjournment: The next call will be on 2026-01-15. Dean Coclin (DigiCert) wished everyone a Happy New Year, Merry Christmas, and happy holidays, then adjourned the meeting. Attendees:
2025-12-18 Minutes of the Server Certificate Working Group
December 18, 2025 by Wayne ThayerMinutes: Opening: Dimitris Zacharopoulos (HARICA) welcomed attendees and waited for more participants to join. Roll call was taken from Webex. Dustin Hollenback (Apple) was confirmed as the minute taker. Dimitris Zacharopoulos (HARICA) confirmed the meeting was being recorded and the Notewell was read. Dimitris Zacharopoulos (HARICA) noted the agenda was short and asked for any additions or changes. None were proposed. Minutes Approval: Minutes from the previous teleconference (2025-12-04) had not been distributed. Dimitris Zacharopoulos (HARICA) will send a reminder to Eva to complete them for the next meeting. Membership Applications:
December 18, 2025 by Wayne ThayerMinutes: Opening: Dimitris Zacharopoulos (HARICA) welcomed attendees and waited for more participants to join. Roll call was taken from Webex. Dustin Hollenback (Apple) was confirmed as the minute taker. Dimitris Zacharopoulos (HARICA) confirmed the meeting was being recorded and the Notewell was read. Dimitris Zacharopoulos (HARICA) noted the agenda was short and asked for any additions or changes. None were proposed. Minutes Approval: Minutes from the previous teleconference (2025-12-04) had not been distributed. Dimitris Zacharopoulos (HARICA) will send a reminder to Eva to complete them for the next meeting. Membership Applications:
2025-12-17 Minutes of the S/MIME Certificate Working Group
December 17, 2025 by Minutes of SMCWG December 17, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
December 17, 2025 by Minutes of SMCWG December 17, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
2025-12-04 Minutes of the Forum
December 4, 2025 by Final Minutes of CA/B Forum meeting December 4, 2025 Approval of minutes: November 6th minutes: approved F2F minutes: approved Server Certificate Working Group update (Dimitris): Summary of November 20th meetings. Basically: summary of the ballots, not much progress. Validation: no meeting last week. Code Signing Certificate Working Group update (Martijn): no updates. Next meeting next week. S/MIME Certificate Working Group update (Stephen): invited guests. SMIME BR has made improvement over time in the security of the ecosystem. Additional study: relatively high occurrence of key-reuse. Topic for 2026. Number of ballots for the new year, relating to pseudonyms and mobile driver licenses. Upcoming discussions: SMTP to SMTP, close enough to SMIME to find out what the problem is. Next steps to be determined. NetSec Working Group update (Clint): Not much discussion on the re-write, but next steps on cloud services. Very specific use cases, implementation guidance. No specific driver for that though. Definitions and Glossary Working Group (Tim H.): Waiting for resource to become available. Forum Infrastructure Subcommittee update (Jos): No update. Membership tools are down at the moment. This may delay sending out emails of recordings and minutes, just the automated ones. Any Other Business: Proposal for new Membership category. Action to put in a ballot – will put a draft ballot forward in the next week. Next call: Dec 18, 2025 Attendees: Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adriano Santoni (Actalis S.p.A.), Alvin Wang (SHECA), Antti Backman (Telia Company), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Eric Kramer (Sectigo), Eva Vansteenberge (GlobalSign), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (CPA Canada/WebTrust), Johnny Reading (GoDaddy), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
December 4, 2025 by Final Minutes of CA/B Forum meeting December 4, 2025 Approval of minutes: November 6th minutes: approved F2F minutes: approved Server Certificate Working Group update (Dimitris): Summary of November 20th meetings. Basically: summary of the ballots, not much progress. Validation: no meeting last week. Code Signing Certificate Working Group update (Martijn): no updates. Next meeting next week. S/MIME Certificate Working Group update (Stephen): invited guests. SMIME BR has made improvement over time in the security of the ecosystem. Additional study: relatively high occurrence of key-reuse. Topic for 2026. Number of ballots for the new year, relating to pseudonyms and mobile driver licenses. Upcoming discussions: SMTP to SMTP, close enough to SMIME to find out what the problem is. Next steps to be determined. NetSec Working Group update (Clint): Not much discussion on the re-write, but next steps on cloud services. Very specific use cases, implementation guidance. No specific driver for that though. Definitions and Glossary Working Group (Tim H.): Waiting for resource to become available. Forum Infrastructure Subcommittee update (Jos): No update. Membership tools are down at the moment. This may delay sending out emails of recordings and minutes, just the automated ones. Any Other Business: Proposal for new Membership category. Action to put in a ballot – will put a draft ballot forward in the next week. Next call: Dec 18, 2025 Attendees: Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adriano Santoni (Actalis S.p.A.), Alvin Wang (SHECA), Antti Backman (Telia Company), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Eric Kramer (Sectigo), Eva Vansteenberge (GlobalSign), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (CPA Canada/WebTrust), Johnny Reading (GoDaddy), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
2025-12-04 Minutes of the Server Certificate Working Group
December 4, 2025 by Wayne Thayer1. Roll Call and Housekeeping Roll Call from Webex. Technical issues with membership tool is being worked on. Manual capturing attendance. Comment by Martijn Katerbarg (Sectigo) that it will be auto-run.
December 4, 2025 by Wayne Thayer1. Roll Call and Housekeeping Roll Call from Webex. Technical issues with membership tool is being worked on. Manual capturing attendance. Comment by Martijn Katerbarg (Sectigo) that it will be auto-run.
2025-12-03 Minutes of the S/MIME Certificate Working Group
December 3, 2025 by Minutes of SMCWG December 3, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
December 3, 2025 by Minutes of SMCWG December 3, 2025 These are the Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.