CA/Browser Forum posts
Posts by tag Minutes
2026-01-15 Minutes of the Server Certificate Working Group
January 15, 2026 by Wayne ThayerMinutes: Begin Recording - Roll Call Recording started
January 15, 2026 by Wayne ThayerMinutes: Begin Recording - Roll Call Recording started
2025-12-18 Minutes of the Forum
December 18, 2025 by Final Minutes for CA/B Forum Plenary Meeting 2025-12-18Minutes: Opening: Dean Coclin (DigiCert) confirmed the recording was on and the Notewell was read. Attendance was taken. Minutes from December 4th were not yet released and would be addressed with Eva. Working Group Updates: Server Certificate Working Group: Dimitris Zacharopoulos (HARICA) provided an update: The WG reviewed open issues on GitHub, with many being incorporated into the cleanup ballot. Discussions led to progress and consensus on a path forward for several issues. Wayne Thayer (Fastly) provided an update on the previous Validation Subcommittee meeting. They continued discussion on Jacob Hoffman Andrew’s pull request to update the definition of ADN, which involves substantial changes to section 3.2.2.4 and is moving in the right direction. In that call, Clint also proposed a ballot regarding the use of RDAP in the EV Guidelines, as the guidelines only specified WHOIS. The conclusion was that since the definition of WHOIS includes the RDAP protocol in the Baseline Requirements, only a clarification was needed, and this would be added to the cleanup ballot. Code Signing Certificate Working Group: Martijn Katerbarg (Sectigo) reported a short call last week with limited participants, so there was no significant update. He hoped for more traction next year. S/MIME Certificate Working Group: Martijn Katerbarg (Sectigo) reported on the previous month’s call where the main topic was client authentication for SMTP servers. It was unclear if there was an impact on the ecosystem or if it slightly overlapped with the Server Certificate WG. No real details were decided on the direction for this topic. NetSec Working Group: No update. Definitions and Glossary Working Group: No update. Forum Infrastructure Subcommittee: Ben Wilson (Mozilla) stated that there had not been a call recently, so there was no update. Any Other Business: Dean Coclin (DigiCert) mentioned he received feedback on his proposal for a Member Emeritus category. He acknowledged the concerns and will come up with an alternative, providing an update after the new year. January 1st Meeting Cancellation: Dean Coclin (DigiCert) explained that he had attempted to cancel the 2026-01-01 meeting in the Webex account, but it had disappeared from the Webex portal, though it might still show on attendees’ calendars. He asked anyone with the invite on their calendar for 2026-01-01 to please delete it, as the meeting is not happening. Dimitris Zacharopoulos (HARICA) suggested adjusting recurring meeting dates, and Ben Wilson (Mozilla) speculated it might have been created before the CA/B Forum Webex account. Dean Coclin (DigiCert) also provided an update on the F2F Meeting in Houston, TX, from 2026-03-10 to 2026-03-12. Arrangements are progressing, and he encouraged attendees to register. Next Call & Adjournment: The next call will be on 2026-01-15. Dean Coclin (DigiCert) wished everyone a Happy New Year, Merry Christmas, and happy holidays, then adjourned the meeting. Attendees:
December 18, 2025 by Final Minutes for CA/B Forum Plenary Meeting 2025-12-18Minutes: Opening: Dean Coclin (DigiCert) confirmed the recording was on and the Notewell was read. Attendance was taken. Minutes from December 4th were not yet released and would be addressed with Eva. Working Group Updates: Server Certificate Working Group: Dimitris Zacharopoulos (HARICA) provided an update: The WG reviewed open issues on GitHub, with many being incorporated into the cleanup ballot. Discussions led to progress and consensus on a path forward for several issues. Wayne Thayer (Fastly) provided an update on the previous Validation Subcommittee meeting. They continued discussion on Jacob Hoffman Andrew’s pull request to update the definition of ADN, which involves substantial changes to section 3.2.2.4 and is moving in the right direction. In that call, Clint also proposed a ballot regarding the use of RDAP in the EV Guidelines, as the guidelines only specified WHOIS. The conclusion was that since the definition of WHOIS includes the RDAP protocol in the Baseline Requirements, only a clarification was needed, and this would be added to the cleanup ballot. Code Signing Certificate Working Group: Martijn Katerbarg (Sectigo) reported a short call last week with limited participants, so there was no significant update. He hoped for more traction next year. S/MIME Certificate Working Group: Martijn Katerbarg (Sectigo) reported on the previous month’s call where the main topic was client authentication for SMTP servers. It was unclear if there was an impact on the ecosystem or if it slightly overlapped with the Server Certificate WG. No real details were decided on the direction for this topic. NetSec Working Group: No update. Definitions and Glossary Working Group: No update. Forum Infrastructure Subcommittee: Ben Wilson (Mozilla) stated that there had not been a call recently, so there was no update. Any Other Business: Dean Coclin (DigiCert) mentioned he received feedback on his proposal for a Member Emeritus category. He acknowledged the concerns and will come up with an alternative, providing an update after the new year. January 1st Meeting Cancellation: Dean Coclin (DigiCert) explained that he had attempted to cancel the 2026-01-01 meeting in the Webex account, but it had disappeared from the Webex portal, though it might still show on attendees’ calendars. He asked anyone with the invite on their calendar for 2026-01-01 to please delete it, as the meeting is not happening. Dimitris Zacharopoulos (HARICA) suggested adjusting recurring meeting dates, and Ben Wilson (Mozilla) speculated it might have been created before the CA/B Forum Webex account. Dean Coclin (DigiCert) also provided an update on the F2F Meeting in Houston, TX, from 2026-03-10 to 2026-03-12. Arrangements are progressing, and he encouraged attendees to register. Next Call & Adjournment: The next call will be on 2026-01-15. Dean Coclin (DigiCert) wished everyone a Happy New Year, Merry Christmas, and happy holidays, then adjourned the meeting. Attendees:
2025-12-18 Minutes of the Server Certificate Working Group
December 18, 2025 by Wayne ThayerMinutes: Opening: Dimitris Zacharopoulos (HARICA) welcomed attendees and waited for more participants to join. Roll call was taken from Webex. Dustin Hollenback (Apple) was confirmed as the minute taker. Dimitris Zacharopoulos (HARICA) confirmed the meeting was being recorded and the Notewell was read. Dimitris Zacharopoulos (HARICA) noted the agenda was short and asked for any additions or changes. None were proposed. Minutes Approval: Minutes from the previous teleconference (2025-12-04) had not been distributed. Dimitris Zacharopoulos (HARICA) will send a reminder to Eva to complete them for the next meeting. Membership Applications:
December 18, 2025 by Wayne ThayerMinutes: Opening: Dimitris Zacharopoulos (HARICA) welcomed attendees and waited for more participants to join. Roll call was taken from Webex. Dustin Hollenback (Apple) was confirmed as the minute taker. Dimitris Zacharopoulos (HARICA) confirmed the meeting was being recorded and the Notewell was read. Dimitris Zacharopoulos (HARICA) noted the agenda was short and asked for any additions or changes. None were proposed. Minutes Approval: Minutes from the previous teleconference (2025-12-04) had not been distributed. Dimitris Zacharopoulos (HARICA) will send a reminder to Eva to complete them for the next meeting. Membership Applications:
2025-12-04 Minutes of the Forum
December 4, 2025 by Final Minutes of CA/B Forum meeting December 4, 2025 Approval of minutes: November 6th minutes: approved F2F minutes: approved Server Certificate Working Group update (Dimitris): Summary of November 20th meetings. Basically: summary of the ballots, not much progress. Validation: no meeting last week. Code Signing Certificate Working Group update (Martijn): no updates. Next meeting next week. S/MIME Certificate Working Group update (Stephen): invited guests. SMIME BR has made improvement over time in the security of the ecosystem. Additional study: relatively high occurrence of key-reuse. Topic for 2026. Number of ballots for the new year, relating to pseudonyms and mobile driver licenses. Upcoming discussions: SMTP to SMTP, close enough to SMIME to find out what the problem is. Next steps to be determined. NetSec Working Group update (Clint): Not much discussion on the re-write, but next steps on cloud services. Very specific use cases, implementation guidance. No specific driver for that though. Definitions and Glossary Working Group (Tim H.): Waiting for resource to become available. Forum Infrastructure Subcommittee update (Jos): No update. Membership tools are down at the moment. This may delay sending out emails of recordings and minutes, just the automated ones. Any Other Business: Proposal for new Membership category. Action to put in a ballot – will put a draft ballot forward in the next week. Next call: Dec 18, 2025 Attendees: Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adriano Santoni (Actalis S.p.A.), Alvin Wang (SHECA), Antti Backman (Telia Company), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Eric Kramer (Sectigo), Eva Vansteenberge (GlobalSign), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (CPA Canada/WebTrust), Johnny Reading (GoDaddy), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
December 4, 2025 by Final Minutes of CA/B Forum meeting December 4, 2025 Approval of minutes: November 6th minutes: approved F2F minutes: approved Server Certificate Working Group update (Dimitris): Summary of November 20th meetings. Basically: summary of the ballots, not much progress. Validation: no meeting last week. Code Signing Certificate Working Group update (Martijn): no updates. Next meeting next week. S/MIME Certificate Working Group update (Stephen): invited guests. SMIME BR has made improvement over time in the security of the ecosystem. Additional study: relatively high occurrence of key-reuse. Topic for 2026. Number of ballots for the new year, relating to pseudonyms and mobile driver licenses. Upcoming discussions: SMTP to SMTP, close enough to SMIME to find out what the problem is. Next steps to be determined. NetSec Working Group update (Clint): Not much discussion on the re-write, but next steps on cloud services. Very specific use cases, implementation guidance. No specific driver for that though. Definitions and Glossary Working Group (Tim H.): Waiting for resource to become available. Forum Infrastructure Subcommittee update (Jos): No update. Membership tools are down at the moment. This may delay sending out emails of recordings and minutes, just the automated ones. Any Other Business: Proposal for new Membership category. Action to put in a ballot – will put a draft ballot forward in the next week. Next call: Dec 18, 2025 Attendees: Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adriano Santoni (Actalis S.p.A.), Alvin Wang (SHECA), Antti Backman (Telia Company), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Eric Kramer (Sectigo), Eva Vansteenberge (GlobalSign), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (CPA Canada/WebTrust), Johnny Reading (GoDaddy), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
2025-12-04 Minutes of the Server Certificate Working Group
December 4, 2025 by Wayne Thayer1. Roll Call and Housekeeping Roll Call from Webex. Technical issues with membership tool is being worked on. Manual capturing attendance. Comment by Martijn Katerbarg (Sectigo) that it will be auto-run.
December 4, 2025 by Wayne Thayer1. Roll Call and Housekeeping Roll Call from Webex. Technical issues with membership tool is being worked on. Manual capturing attendance. Comment by Martijn Katerbarg (Sectigo) that it will be auto-run.
2025-11-20 Minutes of the Forum
November 20, 2025 by Minutes for CA/B Forum Plenary Teleconference 2025-11-06Minutes Meeting minutes for November 6th were approved. Dean said that the summer F2F meetings for the next few years have been cancelled.
November 20, 2025 by Minutes for CA/B Forum Plenary Teleconference 2025-11-06Minutes Meeting minutes for November 6th were approved. Dean said that the summer F2F meetings for the next few years have been cancelled.
2025-11-20 Minutes of the Server Certificate Working Group
November 20, 2025 by Wayne ThayerDimitris read the note well. Meeting minutes for November 6th were approved. Dimitris provided the current ballot status (as indicated in agenda). The status for ballots under consideration was provided by various members:
November 20, 2025 by Wayne ThayerDimitris read the note well. Meeting minutes for November 6th were approved. Dimitris provided the current ballot status (as indicated in agenda). The status for ballots under consideration was provided by various members:
2025-11-06 Minutes of the Forum
November 6, 2025 by Minutes for CA/B Forum Plenary Teleconference 2025-11-06Roll call Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Alvin Wang (SHECA), Antti Backman (Telia Company), Ben Wilson (Mozilla), Chris Clements (Google), Clint Wilson (Apple), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Gurleen Grewal (Google), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Jeanette Snook (Visa), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Masaru Sakamoto (Cybertrust Japan), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Sean Huang (TWCA), Stephen Davidson (DigiCert), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority).
November 6, 2025 by Minutes for CA/B Forum Plenary Teleconference 2025-11-06Roll call Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Alvin Wang (SHECA), Antti Backman (Telia Company), Ben Wilson (Mozilla), Chris Clements (Google), Clint Wilson (Apple), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Gurleen Grewal (Google), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), Jeanette Snook (Visa), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Masaru Sakamoto (Cybertrust Japan), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Sean Huang (TWCA), Stephen Davidson (DigiCert), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority).
2025-11-06 Minutes of the Server Certificate Working Group
November 6, 2025 by Wayne ThayerBegin Recording - Roll Call (as noted) Read note-well. Note well read by Dimitris Review of Agenda. Agenda reviewed, no changes Minutes approval October 16, 2025, F2F#66 (Draft minutes have not been distributed yet). Nothing to review yet. Will be reviewed at future meeting. Membership applications Ronald Koorn (Interested Party, individual). Approved Saudi Data and Artificial Intelligence Authority (SDAIA), previously known as National Center for Digital Certification (NCDC) (Root Certificate Issuer). Question: Is this a meaningful transfer of key material and should this be reviewed again? Answer: No, this is not what happened. It’s a reorg within the Saudi government. The root is trusted by Microsoft and CCADB shows the root is now listed as SDAIA. Membership approved.
November 6, 2025 by Wayne ThayerBegin Recording - Roll Call (as noted) Read note-well. Note well read by Dimitris Review of Agenda. Agenda reviewed, no changes Minutes approval October 16, 2025, F2F#66 (Draft minutes have not been distributed yet). Nothing to review yet. Will be reviewed at future meeting. Membership applications Ronald Koorn (Interested Party, individual). Approved Saudi Data and Artificial Intelligence Authority (SDAIA), previously known as National Center for Digital Certification (NCDC) (Root Certificate Issuer). Question: Is this a meaningful transfer of key material and should this be reviewed again? Answer: No, this is not what happened. It’s a reorg within the Saudi government. The root is trusted by Microsoft and CCADB shows the root is now listed as SDAIA. Membership approved.
2025-10-30 Minutes of the Code Signing Certificate Working Group
October 30, 2025 by CSCWG – Meeting MinutesDate: October 30, 2025 1. Note Well The Note Well was read.
October 30, 2025 by CSCWG – Meeting MinutesDate: October 30, 2025 1. Note Well The Note Well was read.